Flexible Workflow Incorporated with RBAC

  • Yuqing Sun
  • Xiangxu Meng
  • Shijun Liu
  • Peng Pan
Part of the Lecture Notes in Computer Science book series (LNCS, volume 3865)


In this paper, we propose a new model to incorporate RBAC into a flexible workflow system. Without compromising the flexibility of workflow, this model can effectively enhance the security control of the user access to the workflow system. Specifically, it provides the corresponding mechanism to maintain the constraint consistency in dynamic management of workflow. We present the basic design and the integrated architecture of the model and discuss an application system that has implemented this new model to manage the business processes of property rights exchange in a government organization in China.


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. 1.
    Chaari, S., Amar, C.B., Biennier, F., Favrel, J.: An Authorization and Access Control Model for Workflow. In: Proceedings of the 1st International Workshop on Computer Supported Activity Coordination, CSAC 2004, Porto, Portugal, pp. 21–30 (2004)Google Scholar
  2. 2.
    Power, T., Tangled, W.: Tales of Digital Crime from the Shadows of Cyberspace. Que Macmillan Publishing, Basingstoke (2000)Google Scholar
  3. 3.
    Sahni, S.: Data Structures, Algorithms, and Applications in C++. WCB McGraw-Hill, New York (2001)MATHGoogle Scholar
  4. 4.
    Sandhu, R.S., Coyne, E.J., Feinstein, H.L., Youman, C.E.: Rose-Based Access Control Model. IEEE Computer 29(2), 38–47 (1996)CrossRefGoogle Scholar
  5. 5.
    Thomas, R.K., Sandhu, R.S.: Task-based Authorization Controls (TBAC): A Family of Models for Active and Enterprise-oriented Authorization Management. In: Proceedings of IFIP WG11.3 Workshop on Database Security, Lake Tahoe, California, USA (1997)Google Scholar
  6. 6.
    Bertino, E., Ferrari, E., Atluri, V.: A Flexible Model for the Specification and Enforcement of Authorization Constrains in WFMS. In: Proceedings of 2nd ACM Workshop on Role Based Access Control, Fairfax, VA (1997)Google Scholar
  7. 7.
    Bertino, E., Ferrari, E., Atluri, V.: An Approach for the Specification and Enforcement of Authorization Constrains in Workflow Management System. ACM Transactions on Information System Security 1(1) (1999)Google Scholar
  8. 8.
    Oh, S., Park, S.: Task-role based access control (T-RBAC): An improved access control model for enterprise environment. In: Ibrahim, M., Küng, J., Revell, N. (eds.) DEXA 2000. LNCS, vol. 1873, pp. 264–273. Springer, Heidelberg (2000)CrossRefGoogle Scholar
  9. 9.
    Oh, S., Park, S.: An Integration Model of Role Based Access Control and Activity-Based Access Control Using Task. In: Proceedings 14th Annual IFIP WG 11.3 Working Conference on Database Security, pp. 557–569 (2000)Google Scholar
  10. 10.
    Bertino, E., Bonatti, P.A.: TRBAC: A Temporal Role-Based Access Control Model. ACM Transaction on Information and System Security 4(3), 191–223 (2001)CrossRefGoogle Scholar
  11. 11.
    Ahn, G.-J., Sandhu, R., Kang, M., Park, J.: Injecting RBAC to Secure a Web-based Workflow System. In: Proceedings of 5th ACM Workshop on Role Based Access Control, Berlin, Germany (2000)Google Scholar
  12. 12.
    Heinl, P., Horn, S., Jablonski, S., Neeb, J., Stein, K., Teschke, M.: A Comprehensive Approach to Flexibility in Workflow Management Systems. In: Proceedings of the International Joint Conference on Work Activities Coordination and Collaboration, WACC 1999, pp. 79–89. ACM, San Francisco (1999)CrossRefGoogle Scholar
  13. 13.
    Li, H.C., Shi, M.L.: Workflow Models and Their Formal Descriptions. Chinese Journal of Computer 26(11), 1456–1463 (2003)Google Scholar
  14. 14.
    Deng, S.G., Yu, Z., Wu, Z., Huang, L.C.: A workflow Model Supporting Flexible Process Using Activities Combination at Run Time. In: Proceeding of 8th CSCWD (2003)Google Scholar
  15. 15.
    Van der Aalist, W.M.P., Berens, P.J.S.: Beyond Workflow Management: Product-Driven Case Handing. In: Proceedings of ACM GROUP 2001, Boulder, Colorado, USA, pp. 42–51 (2001)Google Scholar
  16. 16.
    Mangan, P.J., Sadiq, S.: A Constraints Specification Approach to Building Flexible Workflows. Journal of Research and Practice in Information Technology (2002)Google Scholar
  17. 17.
    Wainer, J., Bezerra, F., Barthelmess, P.: Tucupi: A Flexible Workflow System Based on Override Constraints. In: Proceedings of the ACM Symposium on Applied Computing, pp. 498–502 (2004)Google Scholar
  18. 18.
    Muehhlen, M.Z.: Organization Management in Workflow Application. Journal of Information Technology and Management 5, 271–291 (2004)CrossRefGoogle Scholar
  19. 19.
    Sadiq, S., Sadiq, W., Orlowska, M.: Pockets of Flexibility in Workflow Specifications. In: Proceedings of 20th International Conference in Conceptual Modeling, Yokohama, Japan, pp. 513–526 (2001)Google Scholar
  20. 20.
    Sandhu, R.S., Ferraiolo, D.: The NIST Model for Role-Based Access Control: Towards a Unified Standard. In: Proceedings of 5th ACM Workshop on Role Based Access Control, pp. 47–63 (2000)Google Scholar
  21. 21.
    WfMC: Workflow Security Considerations White Paper, Document Number WFMC-TC- 1019, Document Status – Issue 1.0 (2001)Google Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2006

Authors and Affiliations

  • Yuqing Sun
    • 1
  • Xiangxu Meng
    • 1
  • Shijun Liu
    • 1
  • Peng Pan
    • 1
  1. 1.School of Computer Science and TechnologyShandong UniversityJinan, ShandongChina

Personalised recommendations