摘要
业务流程执行语言(Business Process Execution Language for Web Services)是一种可以定义抽象的和可执行的业务流程的语言。然而,BPEL缺乏访问控制方面的安全性考虑。本文主要关注基于BPEL的流程的访问控制的实现方法。我们对现有的基于任务的访问控制模型(Task-Based Access Control)进行扩展,修改了授权结构体的定义并重新定义了授权结构体的类型,并实现了从BPEL定义的流程到TBAC模型的映射,提出了一种TBAC应用到BPEL中的方法。本文最后讨论了下一步的研究工作。
Business Process Execution Language for Web Services is a language, which can be used to define abstract and executable processes. However, the security aspect of access control is explicitly mentioned to he outside the scope of BPEL. This paper focuses on the implement of access control in the BPEL-based processes. We extend the existing Task-Based Access Control model, modify the definition of authorization unit and redefine the types of authorization units. Moreover we implement the mapping from the process defined by BPEL to TBAC model, put forwards an approach of using TBAC in BPEL. The future work is mentioned at the end of the paper.
出处
《计算机科学》
CSCD
北大核心
2007年第2期132-136,共5页
Computer Science
基金
国家自然科学基金项目(60373081)
广东省自然科学基金项目(04105503
5003348)
教育部"新世纪优秀人才支持计划"资助项目