Deploying Access Control in Distributed Workflow

Workflows are operational business processes. Workfow Management Systems (WFMS) are concerned with the control and coordination of these workflows. In recent years, there has been a trend to integrate WFMS in distributed inter-organizational systems. In this case malfunctioning of one WFMS can affect more than one organization, making the correct functioning of a WFMS a critical issue. Thus, an important function of WFMS is to enforce the security of these inter-organizational workflows. Several works have been done to integrate the security aspects in the workflow specification. Unfortunately, these research works generally adopt a centralized management approach and are based on static access control models. In this paper, we suggest a decentralized and dynamic approach to handle access control in workflows.

[1]  Elisa Bertino,et al.  The specification and enforcement of authorization constraints in workflow management systems , 1999, TSEC.

[2]  D. Hollingsworth The workflow Reference Model , 1994 .

[3]  Vijayalakshmi Atluri,et al.  SecureFlow: a secure Web-enabled workflow management system , 1999, RBAC '99.

[4]  Nora Cuppens-Boulahia,et al.  A Formal Approach to Specify and Deploy a Network Security Policy , 2004, Formal Aspects in Security and Trust.

[5]  Nathaniel Palmer,et al.  Workflow Management Coalition , 2009, Encyclopedia of Database Systems.

[6]  Vijayalakshmi Atluri,et al.  Modeling and Analysis of Workflows Using Petri Nets , 1998, Journal of Intelligent Information Systems.

[7]  James F. Allen Towards a General Theory of Action and Time , 1984, Artif. Intell..

[8]  Nora Cuppens-Boulahia,et al.  Nomad: a security model with non atomic actions and deadlines , 2005, 18th IEEE Computer Security Foundations Workshop (CSFW'05).

[9]  Ravi S. Sandhu,et al.  Role-Based Access Control Models , 1996, Computer.

[10]  Vijayalakshmi Atluri,et al.  An Authorization Model for Workflows , 1996, ESORICS.

[11]  R. Y. Kain,et al.  The extended access matrix model of computer security , 1985, SOEN.

[12]  F. Cuppens,et al.  Inheritance hierarchies in the Or-BAC model and application in a network environment , 2022 .

[13]  Frédéric Cuppens,et al.  Modelling contexts in the Or-BAC model , 2003, 19th Annual Computer Security Applications Conference, 2003. Proceedings..