面向工作流系统的统一访问控制模型

A Unified Access Control Model Used in Workflow-based Systems

本文在分析比较了工作流系统中常用的访问控制模型的基础上,针对工作流授权复杂控制不灵活的状况,给出了一种面向工作流系统的统一化的访问控制模型。该模型综合运用了多种授权方法,通过对多种访问控制方法进行统一化设计,使其可以在实际应用过程中做成可视化、可配置的独立模块,方便的适用于不同工作流系统的权限设计。最后,本文给出了此模型中权限的实现过程。

In order to overcome the shortcomings about the complicated authorizations in the workflow-based systems, a combined access control model is proposed on the basis of analyzing and comparing access control models used in workflow-based systems. In this model, many authorization methods are synthetically applied. By the way of unification, it can be independently made as a visible and configurable module in the practical application so that this module can be easily used in permissions design in different workflow-based systems. In the end, the calculation process of the permissions is presented.