期刊文献+
任意字段
题名或关键词
题名
关键词
文摘
作者
第一作者
机构
刊名
分类号
参考文献
作者简介
基金资助
栏目信息

基于实例分解的工作流授权合理性验证 被引量:3

Verification of workflow authorization reasonability based on business instance decomposition
下载PDF
导出
摘要 为提高工作流授权合理性验证的效率,增强对执行时任务指派的支持,提出了基于问题分解的工作流授权合理性验证方法。通过基于业务实例的工作流模型分解,将工作流授权合理性问题分解为业务实例、业务实例的并发任务集合、并发任务集合中任务的授权合理性问题,得到工作流授权合理性问题的与/或树表示。利用定义的合理指派路径及其串联操作,分析了工作流授权合理性问题与/或树节点的可解性。给出了基于与/或树搜索实现工作流授权合理性验证的算法,并分析了算法的复杂度及其输出的合理指派路径对工作流执行时任务指派的支持。在与/或树基础上,通过选择合适的启发函数,可以进一步提高验证效率,或快速生成适合问题需求的最佳解树。 In order to improve the verification efficiency of Workflow Authorization Reasonability (WAR) and enhance supporting task assignment at operation time, the WAR verification method based on problem decomposition was proposed. By decomposing workflow model based on their business instances, the verification of WAR was reduced to that of its business instances, the parallel task sets of the business instances and the tasks authorization reasonability in the parallel task set, thus the corresponding And/Or tree notation was obtained. Using the defined reasonable task assignment path and its concatenate operation,the solution of And/Or tree of WAR was studied. Based on And/Or tree search, the verification algorithms of WAR and its business instance were given. The complexities of algorithms were analyzed. Using the obtained rational task assignment paths,the running--time task assignment of the workflow could be directed. In the conclusion, it was pointed out that more efficient verification algorithms of WAR could be acquired or a best solution tree could be generated speedily based on the proposed And/Or tree and the special heuristic function.
作者 欧阳昱 刘玉树
机构地区 北京理工大学信息科学技术学院
出处 《计算机集成制造系统》 EI CSCD 北大核心 2006年第5期697-701,共5页 Computer Integrated Manufacturing Systems
基金 国家"十五"科技攻关计划课题资助项目(2001BA105A1006)~~
关键词 工作流 授权约束 任务指派 合理性 验证 workflow authorization constraint And/Or tree task assignment reasonability verification
分类号 TP309 [自动化与计算机技术—计算机系统结构]
  • 相关文献

参考文献6

  • 1ATLURI V, HUANG W K. A Petri net based safety analysis of workflow authorization models[J]. Journal of Computer Security, 2000,8(2/3): 209 - 240.
  • 2KNORR K,STORMER H. Modeling and analyzing separation of duties in workflow environments [ A]. Proceedings of 16^th IFIP/SEC[C]. London, U. K.: Royal Holloway, University of London, 2001. 199-212.
  • 3FABIO C,SILVANA C,MARIA G F. Managing workflow authorization constraints through active database technology[J].Information Systems Frontiers, 2001,3 (3): 319- 338.
  • 4JASON C. On the satisfiability of constraints in workflow systems[EB/OL]. http://www. rhul. ac. uk/mathematics/techreports, 2004- 05- 24.
  • 5BERTINO E,FERRARI E, ATLURI V. An authorization model for supporting the specification and enforcement of authorization constraints in workflow management systems[J].ACM Transactions on Information and System Security, 1999,2(1) :65-104.
  • 6李建强,范玉顺.基于Petri网的工作流模型性能分析方法[J].计算机应用,2001,21(6):4-6. 被引量:28

二级参考文献5

  • 1[1]Tadao Murata. Petri Nets:Properties[J]. Analysis and ApplicationsProceeding of the IEEE,1989,77(4).
  • 2[2]W.M.P.van der Aslst. The Application of Petri Nets to WorkflowManagement[J]. The Journal of Circuits,Systems and Computers, 1998,8(1):21-66.
  • 3[3]Workflow Management Coalition.Interface 1:Process DefitionInterchange,Process Model[R]. Document Number WfMC TC-1016-P(1998).
  • 4[4]E.Best. Structure theory of Petri nets: the free choice hiatus[A]. W.Brauer,W.Reisig,G.Rozenberg.Advances in Petri nets 1986 P art I:Petri Nets, central models and their properties[C],Vol.254 of Lecture Notes in Computer Science,pp.168-206.Springer-Verlag,Berlin,1987.
  • 5[5]Javier Campos, Giovanni Chiola, Jose M.Colom,Manuel Silva,Properties and Performance:Bounds for Timed Marked Graphs[J]. IEEE

共引文献27

同被引文献24

  • 1张栋,刘飞,宋豫川,谢静.基于角色的访问控制机制在工作流平台下扩展的研究[J].制造业自动化,2004,26(5):53-57. 被引量:7
  • 2任侠,谭庆平.基于任务和角色的分布式工作流授权控制模型[J].计算机工程,2006,32(5):80-82. 被引量:11
  • 3王远,范玉顺.支持时间管理的工作流元模型与系统实现[J].制造业自动化,2006,28(7):1-3. 被引量:2
  • 4LIPTON R J,SNYDER L.A linear time algorithm for deciding subject security[J].Journal of the ACM,1997,24(3):455-464.
  • 5KOCH M,MANCINI L V,PARISI-PRESICCE F.A graphbased formalism for RBAC[J].ACM Transactions on Information and System Security,2002,5(3):332-365.
  • 6KOCH M,PARISI-PRESICCE F.Describing policies with graph constraints and rules[J].Lecture Notes in Computer Science,2002,2505:223-238.
  • 7KOCH M,MANCINI L V,PARIS-PRESICCE F.Graph transformations for the specification of aocess control policies[J].Electronic Notes in Theoretical Computer Science,2001,51:222-232.
  • 8RUAN C,VARADHARAJAN V.Integration of graph based authorization policies[C]//Proceedings of the 16th International Symposium on Methodologies for Intelligent systems(ISMIS06).Berlin,GermanylSpringer,2006,4203:27-29.
  • 9ROZENBERG G.Handbook of graph grammars and computing by graph transformations,vol.Ⅰ:Foundations[M].Singpore:World Scientific,1997.
  • 10GAVRILA S I,BARKLEY J F.Formal specification for role based access control user/role and role/role relationship management[C]//Proceedings of the 3rd ACM Workshop on RoleBased Access Control.New York,N.Y.,USA:ACM,1998:81-90.

引证文献3

二级引证文献4

计算机集成制造系统
2006年 第5期

相关作者

内容加载中请稍等...

相关机构

内容加载中请稍等...

相关主题

内容加载中请稍等...

浏览历史

内容加载中请稍等...
;
使用帮助 返回顶部