Implementing Workflow Systems

  • Lucas Dreyer
  • Martin Olivier
Part of the IFIP — The International Federation for Information Processing book series (IFIPAICT, volume 128)


Workflow systems are becoming increasingly important as organisations automate their paper-based processes. Workflow systems make it possible to track processes and the responsibilities of individuals within these processes with relative ease. It is further possible to implement complex constraints including security and access control with workflow systems. Separation-of-duty is a security constraint that recently started to find its way into the workflow environment. A workflow model is presented in this paper that implements role-based access control and separation-of-duty. This model extends previous research by including semantics that can be used to implement the model. A prototype of the model has been implemented with Microsoft’s SQL Server, the Distributed Component Object Model (DCOM) and Visual Basic.


Workflow access control separation-of-duty DCOM 


  1. [1]
    D. Box, K. Brown, T. Ewald and C. Sells, Effective COM 50 Ways to Improve Your COM and MTS-based Applications. Addison-Wesley, Reading, Massachusetts, 1999.Google Scholar
  2. [2]
    L. Fischer (ed.), The Workflow Handbook 2001, published in association with the Workflow Management Coalition (WfMC) [9], Future Strategies, Lighthouse Point, Florida, 2000.Google Scholar
  3. [3]
    R. Grimes, Visual C++ 6 MTS Programming, Wrox, Birmingham, U.K., 1999.Google Scholar
  4. [4]
    W. Huang and V. Atluri, Analyzing the safety of workflow authorization models, in S. Jajodia (ed.), Database Security, XII: Status and Prospects, Kluwer, Dordrecht, The Netherlands, pp. 43–57, 1999.CrossRefGoogle Scholar
  5. [5]
    L.G. Lawrence, The role of roles, Computers and Security, Vol. 12 (1), pp. 15–21, 1993.CrossRefGoogle Scholar
  6. [6]
    Microsoft Corporation, Microsoft Developers Network (MSDN), Redmond, Washington, 2001.Google Scholar
  7. [7]
    R.S. Sandhu, Separation of duties in computerized information systems, in S. Jajodia and C. Landwehr (eds.), Database Security, IV: Status and Prospects, North Holland, Amsterdam, The Netherlands, pp. 179–189, 1991.Google Scholar
  8. [8]
    R.S. Sandhu, E.J. Coyne, H.L. Fernstein and C.E. Youman, Role-based access control models, IEEE Computer, Vol. 29 (2), pp. 38–47, 1996.CrossRefGoogle Scholar
  9. [9]
    Workflow Management Consortium (Wfmc).Google Scholar

Copyright information

© IFIP International Federation for Information Processing 2003

Authors and Affiliations

  • Lucas Dreyer
  • Martin Olivier

There are no affiliations available

Personalised recommendations