摘要
访问控制是提高工作流系系统安全的重要机制。基于角色的访问控制(RBAC)被绝大多数工作流系统所采用,已成为工作流领域研究的热点。基于传统的RBAC模型,从工作流访问控制模型与流程模型分离的角度出发,提出了一种将基于角色的静态授权和任务的动态控制相结合的T-RBAC访问控制机制应用于工作流管理中,有效增强了访问控制的灵活性和系统的安全性。该访问控制模型已在企业项目解决方案中得以实施。
Access control is an important mechanism for enhancing workflow system scurity. Role-based access control model(RBAC) is used in the most of workflow systems, and it has become a research topic in the area of workflow. Basd on the traditional RBAC model and embarked from decoupling the workflow access control model from the process model, a T-RBAC was presented, which basd on identity authentication and role authorization. Workflow tasks were run dynamically by using T-RBAC. The model to describe dynamic workflow system can enhance workflow system security and provide flexibility in access control system. And the model is implemented in a company project.
出处
《科学技术与工程》
2010年第1期298-301,共4页
Science Technology and Engineering
关键词
访问控制
工作流管理系统
静态授权
动态授权
access control workflow management system static authorization dynamic authorization
