Nowadays, all access control models take a system-centric view of protecting resources, and they don't take the context into account when controlling the permissions. However, with the development of databases, networking, and distributed computing, it causes people to shift the focus on security issues from the protection of individual objects and subjects in isolated computer systems, to the protection of dynamically authorization with different task. In this paper, an access control mechanism called TBAC (task-based access control) is introduced, which models from the tasks in workflow and dynamically manage the permissions through tasks and tasks' status. The TBAC is well suited for distributed computing, information processing activities with multiple points of access, and decision making in workflow and distributed process and transaction management system. The basic concepts of TBAC are introduced and a formalization description and an analysis are given. It is clear that TBAC will be used widely in many fields, such as OA, business, and so on.
[1]
George Coulouris,et al.
Role and task-based access control in the PerDiS groupware platform
,
1998,
RBAC '98.
[2]
Vijayalakshmi Atluri,et al.
An Authorization Model for Workflows
,
1996,
ESORICS.
[3]
Lawrence Snyder,et al.
Formal Models of Capability-Based Protection Systems
,
1981,
IEEE Transactions on Computers.
[4]
Ravi S. Sandhu,et al.
Towards a task-based paradigm for flexible and adaptable access control in distributed applications
,
1993,
NSPW '92-93.
[5]
Ravi S. Sandhu,et al.
Role-Based Access Control Models
,
1996,
Computer.