Petri-net-based context-related access control in workflow environment

被引：6

作者：

Dong, X ^{[1
]}

Chen, G ^{[1
]}

Yin, JW ^{[1
]}

Dong, JX ^{[1
]}

机构：

[1] Zhejiang Univ, State Key Lab CAD&CG, Hangzhou 310027, Zhejiang, Peoples R China

来源：

PROCEEDINGS OF THE SEVENTH INTERNATIONAL CONFERENCE ON CSCW IN DESIGN | 2002年

关键词：

D O I：

10.1109/CSCWD.2002.1047718

中图分类号：

TP18 [人工智能理论];

学科分类号：

081104 ; 0812 ; 0835 ; 1405 ;

摘要：

Access control, which is one of the most important aspects of security services, is becoming increasingly an important challenge in workflow management systems. However, the traditional models of access control such as Role-based Access Control (RBAC) are static models without recognition of the dynamic environments in which the workflows are rooted These context-independent models rarely can meet the requirements that the highly dynamic environments raise. In this paper, we regard authorization as a dynamic process instead of the traditional static view and take two contextual factors into account: i) the state of related authorization processes; ii) the state of related process instances. Then, we propose a Petri-net-based model as a practical solution to the context-sensitive access control on this basis.

引用

页码：381 / 384

页数：4

共 11 条

[1]

ALTURI V, 1996, P 10 IFIP WG 11 3 WO, P199

[2]

DAVID FF, 2001, PROPOSED NIST STANDA

[3]

KNORR D, 2000, IEEE COMPUT, P159

[4]

LONG DL, 1999, P 15 ANN COMP SEC AP

[5] PETRI NETS - PROPERTIES, ANALYSIS AND APPLICATIONS [J].

MURATA, T .

PROCEEDINGS OF THE IEEE, 1989, 77 (04) :541-580

[6]

PAYNE C, 1999, 15 ANN COMP SEC APPL

[7] Role based access control models [J].

Sandhu, RS ;

Coyne, EJ ;

Feinstein, HL ;

Youman, CE .

COMPUTER, 1996, 29 (02) :38-&

[8]

Thomas R. K., 1994, Proceedings. The Computer Security Foundations Workshop VII, CSFW 7 (Cat. No.94TH0686-6), P66, DOI 10.1109/CSFW.1994.315946

[9]

THOMAS RK, 1997, P IFIP WG11 3 WORKSH, P23

[10]

VANDERAALST WMP, 1997, APPL PETRI NETS WORK

← 1 2 →