期刊文献+

基于角色的工作流平台访问控制安全模型 被引量:4

Security Model of Access Control for Workflow Platform based on Roles
下载PDF
导出
摘要 基于角色的访问控制模型作为一个组织内安全策略系统的实现方法,因其简易高效的授权方式和便捷的授权维护模型,被广泛应用于各类工作流管理系统。针对工作流环境的诸多不安全因素,提出了一个适应于工作流环境的基于角色控制的工作流安全访问的改进模型。该模型在传统RBAC模型中引入了任务案例(TC)、用户管理(UM)、任务(T)的3种关系元素,设计了动态授权机制,并在某公司电气销售系统应用中初步实现了该模型与工作流引擎组件的框架集成,提供了独立安全域内的安全授权服务。研究表明,该模型能较好地解决工作流管理系统中动态职责分离、动态职责绑定、案例间约束、互惠职责分离等系统不安全因素,可为工作流管理系统的安全运行提供技术支持。 Security model of access control based on role as a realization method of security strategy in organization,has been widely used to various workflow management system because of authorization mode being simple and highly active as well as authorization maintenance model being nimble.Aimed at the puzzle of insecurity factors in workflow environment,the paper proposed a sort of security access model suited to workflow environment based on workflow of role control.In the paper,it introduced task cases,user management,task of three relation elements in the traditional model of RBAC,designed the dynamic authorization mechanism,and realized the frame integration between the model and workflow engine module in a certain electric sell system of Corp.limited,and also provided the security authorization service in independent security field.The research result shows that it can better overcome the insecurity factors of system such as separation of dynamic duty,binding of dynamic duty,constraint between cases and separation of reciprocal duty,and provide powerful support for security operation of workflow management system.
出处 《重庆理工大学学报(自然科学)》 CAS 2011年第3期78-82,共5页 Journal of Chongqing University of Technology:Natural Science
基金 重庆理工大学科研青年基金项目(2010ZQ21)
关键词 工作流管理系统 基于角色的访问控制模型 工作流引擎 动态授权 WFMS RBAC workflow engine dynamic authorization
  • 相关文献

参考文献6

二级参考文献13

  • 1陈传波,黄俊华.基于工作流任务状态的访问权限分配模型[J].计算机工程与科学,2006,28(7):87-90. 被引量:1
  • 2Workflow Management Coalition. The workflow reference model[S]. WfMC TC00-1003, 1994.
  • 3RAVI S S. Role-based access control[J]. Advances in Computers, 1998,46.
  • 4SEJONG O, SEOG P. Task-role-based access control model [J]. Information Systems, 2003,28:533-562.
  • 5JACQUES W, PAULO B, AKH1L K. W-RBAC A workflow security model incorporating controlled overriding of constraints[J].
  • 6SANDHU R,COYNE E,FEINSTEIN H,et al.Role-based access control models[J].IEEE Computer,1996,29(2):38-47.
  • 7TAN K,CRAMPTON J,et al.The consistency of task-based authorization constraints in workflow systems[C]// Proc of the 17th IEEE Computer Security Foundations Workshop.Washington DC:IEEE Computer Society,2004:155-166.
  • 8OH S,PARK S.Task-role-based access control model[J].Information System,2003,28(6):533-562.
  • 9[1]Ravi Sandhu.Role-based Access Control Models[J].IEEE Computer,1996,29(2):21-23.
  • 10[2]Ferraiolo D F,Sandhu R,Gavrila S,et al.Proposed NIST Standard for Role-Based Access Control[J].ACM Transactions on Information and System Security,2001,4(3):224-274.

共引文献376

同被引文献44

  • 1刘伟,朱一凡,魏洪涛.工作流技术在办公自动化中的应用[J].计算机工程与设计,2006,27(7):1308-1310. 被引量:16
  • 2Sejong O, Seog P. Task-role- based access control mod- el[J]. Information Systems, 2003,28(6) : 533-562.
  • 3Ping Yang , Shiyong Lu, Mikhail I. G,et al. , Informa- tion flow analysis of scientific work flows[J]. J. Com- put. System Sci. , 2010,76(6),390-402.
  • 4Mikhail I. Gofman, LUO Rui-qi, Ayla C. Solomon et al. RBAC- PAT. A Policy Analysis Tool for Role Based Access Control [ J ]. JICS, 2009, 76 ( 4 ) : 1322-1331.
  • 5Gregory D,Charpoy F,God art C. Flexible Data Man- agement and Execution to Support Cooperative Work- flow: the approach[C]// Beijing: The Third Interna- tional Symposium on Cooperative Database Systems for Advanced Applications, 2009 : 124-131.
  • 6W. M. P. van der Aalst, A. H. M. ter Hofstede, B. Kiepuszewski, et al. Workflow Patterns [J]. Distrib- uted and Parallel Databases, 2009, 14(1) : 1-44.
  • 7Korhonen J, Pajunen L, Puustjarvi J. Automatic com- position of Web service workflows using a semantic a- gent[C] // Canada: Proceedings of the IEEE/WIC In- ternational Conference on Web Intelligence (W12003). 2003 : 566-569.
  • 8Workflow Management Coalition. Process definition interchange and process model[R]. Hingham, USA. Workflow Management Coalition, 2008.
  • 9Denning D. Cryptography and Data Security[M]. Boston: Addison-Wesley, 1982.
  • 10Stefan F, Martin M, et al. Large-Scale Vulnerability Analysis [C]//SIGCOMM'06 Workshops. Pisa,Italy,September 2006.

引证文献4

二级引证文献2

相关作者

内容加载中请稍等...

相关机构

内容加载中请稍等...

相关主题

内容加载中请稍等...

浏览历史

内容加载中请稍等...
;
使用帮助 返回顶部