期刊文献+

面向任务的工作流访问控制模型 被引量:3

An Access Control Model for Task-Oriented Workflow
下载PDF
导出
摘要 在分析工作流对访问控制需求的基础上,提出了面向任务的工作流访问控制模型.该模型引入了授权任务概念,将执行任务需要的最小权限和执行任务的角色作为授权任务的属性,使角色和权限脱离关系.同时该模型定义了任务冲突关系,并在此基础上给出了动态授权约束规则,保证了组织安全策略的实施.面向任务的访问控制模型实现了授权流同工作流的同步,能够满足工作流访问控制对动态授权、最小权限和职责分离的要求.不同于已有的模型,该模型还通过角色和权限的分离解除了组织模型和工作流模型的耦合关系. Analyzing what are required for the access control of workflow, an access control model for task-oriented workflow is put forward, in which the idea of authorized task in order to separate the relation between roles and permissions. An authorization task is introduced to make the executive roles in no relation to authority, where the authority least approved to execute a task and the role assigned to execute the task are both the attributes of task authorization. The model also defines the conflict relationship between different tasks, then gives the dynamic constraint rules on the authorization to ensure and enforce the implementation of security strategies. In this model, the authorization flow is synchronized with workflow so as to meet the access control's requirements of dynamic authorization, authority least approved and separation of responsibility from duty. Differing from existing models, in the proposed model the separation of authority from executive role cancels the coupling of organizational model with workflow model.
出处 《东北大学学报(自然科学版)》 EI CAS CSCD 北大核心 2008年第3期387-390,432,共5页 Journal of Northeastern University(Natural Science)
基金 总装备部装备预研基金计划项目(9140A18010106LN0101) 教育部新世纪优秀人才支持计划项目(NCET-04-0281).
关键词 任务 工作流 访问控制 授权约束 职责分离 task workflow access control authorization constraint separation of responsibility from duty
  • 相关文献

参考文献10

  • 1Workflow Management Coalition. WFMC-TC-1019, workflow security considerations white papers [ S/OL ]. [1998 02-07]. http://www. wfmc.org.
  • 2徐洪学,郭秀英,刘永贤.基于RBAC的具有时空约束的工作流授权模型[J].东北大学学报(自然科学版),2006,27(2):217-220. 被引量:6
  • 3Thomas R K, Sandhu R S. Task-based authentication controls (TABC): a family of models for active and enterprise-oriented authentication management [ C ] // Proceedings of the IFIP WG11.3 Workshop on Database Security. Lake Tahoe, 1997:166- 181.
  • 4邓集波,洪帆.基于任务的访问控制模型[J].软件学报,2003,14(1):76-82. 被引量:222
  • 5Sandhu R S, Coyne E J, Feinstein H L, et al. Role based access control models[J]. IEEE Computer, 1996,29(2) :38 -47.
  • 6Atluri V, Huang W K. An authorization model for workflows [ C ] // Proceedings of the 5th European Symposium on Research in Computer Security. Rome: Springer-Verlag, 1996:44-64.
  • 7Atluri V, Huang W K. A Petri net based safety analysis of workflow authorization models [ J ]. Journal of Computer Security, 2000,8(2) :83 - 94.
  • 8zur Michael M. Organizational management in workflow application[J ]. Information Technology and Management Journal, 2004,5(3) :271 - 291.
  • 9Reinhardt A B, Jan H P E. Separation of duties for access control enforcement in workflow environments [J ]. IBM Systems Journal, 2001,40(3) :666 - 682.
  • 10Adam N R, Atluri V, Huang W K. Modeling and analysis of workflows using Petri nets [ J ]. Journal of Intelligent Information Systems, 1998,10(2) : 131 - 158.

二级参考文献11

  • 1邢光林,洪帆.一个基于RBAC的工作流授权模型[J].小型微型计算机系统,2005,26(3):544-547. 被引量:6
  • 2Sandhu R S,Coyne E J,Feinstein H L.Role-based access control models[J].IEEE Computer,1996,39(2):38-47.
  • 3Atluri V,Huang W K.Enforcing mandatory and discretionary security in workflow management systems[J].Journal of Computer Security,1997,5(4):303-339.
  • 4Adam N R,Atluri V,Huang W K.Modeling and analysis of workflows using petri nets[J].Journal of Intelligent Information Systems,1998,10(2):131-158.
  • 5Ahn G J.Injecting RBAC to secure a web-based workflow system[A].In Proceeding of Fifth ACM Workshop on Role-Based Access Control[C].Berlin:ACM,2000.26-28.
  • 6Atluri V,Huang W K,Bertino E.A semantic based execution model for multilevel secure workflows[J].Journal of Computer Security,2000,8(1):3-41.
  • 7Atluri V,Huang W K.A petri net based safety analysis of workflow authorization models[J].Journal of Computer Security,2000,8(2):83-94.
  • 8Kandala S,Sandhu R S.Secure role-based workflow models[EB/OL].http:∥www.list.gmu.edu/confrnc/ifip/i01-rbwm.pdf,2001-10-31.
  • 9Wu S L,Sheth A,Miller J,et al.Authorization and access control of application data in workflow system[J].Journal of Intelligent Information System,2002,18(1):71-94.
  • 10Atluri V.Security for workflow systems[EB/OL].http:∥cimic.rutgers.edu/~atluri/workflow.pdf,2003-02-05.

共引文献226

同被引文献23

引证文献3

二级引证文献6

相关作者

内容加载中请稍等...

相关机构

内容加载中请稍等...

相关主题

内容加载中请稍等...

浏览历史

内容加载中请稍等...
;
使用帮助 返回顶部