Abstract
Security issues pertaining to workflow systems are becoming increasingly important for the cross-enterprises interoperability in insecure environments. Among them, access control for information confidentiality and integrity has attracted widespread attention. However, in the context of the contemporary dynamic business environment, the traditional workflow authorization model (WAM) faces limitations in handling the consequences of dynamic workflow changes and exceptions, since it focuses primarily on the synchronization of authorization flow by using authorization templates (ATs). In this paper, we propose a flexible access control with dynamic checking features for handling workflow changes and exceptions. Extended temporal role-based access control and flexible workflow authorization template are adopted in order to further enhance the traditional AT, thereby ensuring information confidentiality and integrity. Additionally, a case study applying the proposed model to uEngine, an open source workflow management system, is presented.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
Li, S., Kittel, A., Jia, D., Zhuang, G.: Security Considerations for Workflow Systems. In: IEEE/IFIP Network Operations and Management Symposium, pp. 655–668 (2000)
Atluri, V.: Security for Workflow Systems. Information Security Technical Report 6, 59–68 (2001)
Atluri, V., Huang, W.K.: An Authorization Model for Workflows. In: The Fifth European Symposium on Research in Computer Security, pp. 44–64 (1996)
Bertino, E., Bonatti, P.A.: TRBAC: A Temporal Role-based Access Control Model. ACM Transaction Information and System Security 4, 191–223 (2001)
Liu, D.M., Lee, S.: Role-based authorizations for workflow systems in support of task-based separation of duty. The J. of Systems and Software 73, 375–387 (2004)
Wei, X., Jun, W., Yu, L., Jing, L.: SOWAC: A Service-Oriented Workflow Access Control Model. In: 28th Annual International Computer Software and Applications Conference, pp. 128–134 (2004)
Thomas, R.K., Sandhu, R.S.: Task-based Authorization Controls (TBAC): A Family of Models for Active and Enterprise-oriented Authorization Management. In: The IFIP WG11.3 Workshop on Database Security, pp. 166–181 (1997)
Agostini, A., De Michelis, G.: Improving Flexibility of Workflow Management Systems. In: van der Aalst, W.M.P., Desel, J., Oberweis, A. (eds.) Business Process Management. LNCS, vol. 1806, pp. 218–234. Springer, Heidelberg (2000)
Tinderle, S., Teichert, M., Dadam, P.: Correctness criteria for dynamic changes in workflow systems – a survey. Data & Knowledge Engineering 50, 9–34 (2004)
Aalst, W.M.P., van de Jablonski, S. (eds.): Flexible workflow technology driving the networked economy. Int. J. of Computer Systems, Science, and Engineering 15, 265–266 (2000)
Yang, L., Choi, Y., Han, K., Bae, S., Kim, M.: Evaluating Academic Process Designer for Workflow Modeling and Analysis. System and Information Science Notes (SISN) 1, 37–40 (2007)
Jang, J., Choi, Y., Zhao, J.L.: An Extensible Workflow Architecture through Web Services. Int. J. of Web Services Research 1, 1–15 (2004)
Jang, J., Choi, Y., Zhao, J.L.: Adaptive Workflow Management with Open Kernel Framework Based on Web Services. In: International conference on Web Service 2003, pp. 124–130 (2003)
Jang, J., Choi, Y., Zhao, J.L.: Web Service Based Universal Management of Workflow Resources. In: 2004 International Conference on E-business, pp. 452–459 (2004)
Crowe, M., Kydd, S.: Agents and Suggestions in a Web-based Dynamic Workflow Model. Automation in Construction 10, 639–643 (2001)
Smari, W.W., Donepudi, S., Kim, S., McQuay, W.K.: Efficient Handling of Changes in Dynamic Workflow Systems. In: 2006 International Symposium on Collaborative Technologies and Systems, pp. 440–449 (2006)
Yang, L., Choi, Y., Choi, M., Zhao, X.: FWAM: A Flexible Workflow Authorization Model using extended RBAC. In: 12th International Conference on Computer Supportive Collaborative Work in Design, pp. 625–629 (2008)
uEngine, http://www.uengine.org
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2008 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Yang, L., Choi, Y. (2008). A Flexible Access Control Model for Dynamic Workflow Using Extended WAM and RBAC. In: Shen, W., Yong, J., Yang, Y., Barthès, JP.A., Luo, J. (eds) Computer Supported Cooperative Work in Design IV. CSCWD 2007. Lecture Notes in Computer Science, vol 5236. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-92719-8_44
Download citation
DOI: https://doi.org/10.1007/978-3-540-92719-8_44
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-92718-1
Online ISBN: 978-3-540-92719-8
eBook Packages: Computer ScienceComputer Science (R0)