Abstract
Workflow Management (WFM) Systems automate traditional processes where information flows between individuals. WFM systems have two major implications for security. Firstly, since the description of a workflow process explicitly states when which function is to be performed by whom security specifications may be automatically derived from such descriptions. Secondly, the derived security specifications have to be enforced. This paper considers these issues for a Cyberspace workflow system by describing a small, but comprehensive example.
The notion of an Alter-ego is central in this description: Alter-egos are objects that represent individuals in Cyberspace (and not merely identify them). In Cyberspace, documents in a workflow system therefore flow between Alter-egos, rather than between individuals.
Chapter PDF
Similar content being viewed by others
References
Atluri, V., and Huang, W.K. (1996) An extended petri net model for supporting workflow in a multilevel secure environment, Proc. Annual IFIP WG 11.3 Conf. on Database Security, Como, Italy, August, 1996, pp. 199–216.
Atluri, V., and Huang, W.K. (1996) An Authorization Model for Workflows, Computer Security — ESORICS 1996 (eds. E. Bertino, H. Kurth, G. Martella and E. Montolivo ), Springer, 1996, pp. 44–64.
Bertino, E., Bettini, C., and Samarati, P. (1994) A Time-based Authorization Model, Proc. ACM Int. Conf. on Computer and Communication Workflow security in cyberspaces 195 Security, Fairfax, Va, Nov. 1994, pp. 126–135.
Georgakopoulos, D., Hornick, M., and Sheth, A. (1995) An overview of workflow management: from process modelling to workflow automation infrastructure, Distributed and Parallel Databases, Vol 3, No. 2, 1995, pp. 119–154.
Lipp, P., and Hassler, V. (1996) Security concepts for the WWW, Proc. 2nd Int. Conf. on Communication and Multi-media security, Essen, Germany, 1996, pp. 85–95.
MicroSoft Corp. (1996) URL: http://microsoft.com/intdev/security/misfl3_4.htm
Miller, J.A., Sheth, A.P., Kochut, K.J., and Wang, X. (1996) CORBA-based run-time architecture for Workflow management systems, Journal of Database Management, Vol 7, No. 1, Winter, 1996, pp. 16–27.
Olivier, M.S. (1996) Using workflow to enhance security in federated databases, Proc. 2nd Int. Conf. on Communication and Multimedia Security, Essen, Germany, 1996, pp. 61–72.
Object Management Group (1993) The Common Object Request Broker: Architecture and Specification, OMG Document No. 93.12.1, December, 1991.
Object Management Group (1996) URL: http://www.omg.org:80/docs/orbos/ Documents: 96–08–03.ps, 96–08–04.ps, 96–08–05.ps, and 96–08–06.ps.
Radu, S., Dehne, F., and Van de Riet, R.P. (1997) A first step towards distributed Mokum, Technical Report 428, Computer Science Department, Vrije Universiteit, Amsterdam, In preparation.
Riet, R.P. van de, and Burg, J.F.M. (1996a) Modelling Alter-egos in Cyberspace: who is responsible?, Proc. of Web Net 96, San Francisco, 1996, AACE, Charlottesville, USA, pp. 462–467.
Riet, R.P. van de, and Burg, J.F.M. (1996b) Linguistic Tools for Modelling Alter Egos in Cyberspace: Who is Responsible?, Journal of Universal Computer Science, Vol 2, No. 9, Springer, 1996, pp. 623–636.
Riet, R.P. van de, and Burg, J.F.M. (1997) Modelling Alter-egos in Cyberspace using a Work Flow Management Tool: who takes care of Security and Privacy?, Submitted.
Riet, R.P. van de, and Gudes, E. (1996) An object-oriented database architecture for providing high-level security in Cyberspace, Proc. 10th Annual IFIP WG 11.3 Conf. on Database Security, Como, Italy, August, 1996, pp. 92–115.
Weeks, J.A., Cain, A., and Sanderson, B. (1996) CCIBased Web security: a design using PGP, URL: http://sdg. ncsa. uiuc. edu/- jweeks/www4/paper/current_rev.html
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 1998 IFIP
About this chapter
Cite this chapter
Gudes, E., van de Riet, R.P., Burg, J.F.M., Olivier, M.S. (1998). Alter-egos and Roles — Supporting Workflow Security in Cyberspace. In: Lin, T.Y., Qian, S. (eds) Database Security XI. IFIP Advances in Information and Communication Technology. Springer, Boston, MA. https://doi.org/10.1007/978-0-387-35285-5_11
Download citation
DOI: https://doi.org/10.1007/978-0-387-35285-5_11
Publisher Name: Springer, Boston, MA
Print ISBN: 978-1-5041-2914-5
Online ISBN: 978-0-387-35285-5
eBook Packages: Springer Book Archive