Supporting delegation in secure workflow management systems

被引:0
作者
Atluri, V [1 ]
Bertino, E [1 ]
Ferrari, E [1 ]
Mazzoleni, P [1 ]
机构
[1] Rutgers State Univ, MSIS Dept, Piscataway, NJ 08855 USA
来源
DATA AND APPLICATIONS SECURITY XVII: STATUS AND PROSPECTS | 2004年 / 142卷
关键词
access control; workflow systems; delegation;
D O I
暂无
中图分类号
TP [自动化技术、计算机技术];
学科分类号
0812 ;
摘要
Workflow systems are today used in numerous business application domains including office automation, finance and banking, as well as in scientific application domains, for automating their day-to-day applications, Often, organizations establish a set of security policies that regulate how the business process and resources should be managed. For reasons of ease in management, these security policies are expressed in terms of roles. In addition to simple authorization rules specifying which subject/role can execute a task in a workflow, many business processes require support for more complex authorization constraints, such as separation of duties. In this paper, we present an approach that supports delegation and assign users to roles in such a way that no constraints are violated. In particular, we introduce the notion of delegation consistency and propose algorithms to assign tasks to users such that they guarantee delegation consistency.
引用
收藏
页码:190 / 202
页数:13
相关论文
共 50 条
[21]   Delegation in Predicate Encryption Supporting Disjunctive Queries [J].
Sun, Dongdong ;
Boyd, Colin ;
Nieto, Juan Manuel Gonzalez .
SECURITY AND PRIVACY - SILVER LININGS IN THE CLOUD, 2010, 330 :229-240
[22]   A Secure Proxy Signature Scheme with Delegation by Warrant [J].
Popescu, Constantin .
STUDIES IN INFORMATICS AND CONTROL, 2011, 20 (04) :373-380
[23]   On Supporting Secure Information Distribution in Heterogeneous Systems Using Standard Technologies [J].
Mousas, Aziz S. ;
Anadiotis, Angelos-Christos G. ;
Lioudakis, Georgios V. ;
Papanis, John P. ;
Gkonis, Panagiotis K. ;
Kaklamani, Dimitra I. ;
Venieris, Iakovos S. .
WIRELESS PERSONAL COMMUNICATIONS, 2014, 76 (01) :99-119
[24]   On Supporting Secure Information Distribution in Heterogeneous Systems Using Standard Technologies [J].
Aziz S. Mousas ;
Angelos-Christos G. Anadiotis ;
Georgios V. Lioudakis ;
John P. Papanis ;
Panagiotis K. Gkonis ;
Dimitra I. Kaklamani ;
Iakovos S. Venieris .
Wireless Personal Communications, 2014, 76 :99-119
[25]   A coordinator for workflow management systems with information access control [J].
Chou, SC ;
Wu, CJ .
IEICE TRANSACTIONS ON INFORMATION AND SYSTEMS, 2005, E88D (12) :2786-2792
[26]   A Review of Delegation and Break-Glass Models for Flexible Access Control Management [J].
Schefer-Wenzl, Sigrid ;
Bukvova, Helena ;
Strembeck, Mark .
BUSINESS INFORMATION SYSTEMS WORKSHOPS (BIS 2014), 2014, 183 :93-104
[27]   A Discretionary Delegation Framework for Access Control Systems [J].
Khan, M. Fahim Ferdous ;
Sakamura, Ken .
ON THE MOVE TO MEANINGFUL INTERNET SYSTEMS: OTM 2016 CONFERENCES, 2016, 10033 :865-882
[28]   Design and implementation of a secure and flexible access-right delegation for resource constrained environments [J].
Rabehaja, Tahiry ;
Pal, Shantanu ;
Hitchens, Michael .
FUTURE GENERATION COMPUTER SYSTEMS-THE INTERNATIONAL JOURNAL OF ESCIENCE, 2019, 99 :593-608
[29]   Design of PMI supporting self-administrative sub-role based delegation [J].
Liu, Yueqin ;
Zhu, Yanqin ;
Liu, Yan .
IMECS 2007: INTERNATIONAL MULTICONFERENCE OF ENGINEERS AND COMPUTER SCIENTISTS, VOLS I AND II, 2007, :1356-+
[30]   SWARM: Reimagining scientific workflow management systems in a distributed world [J].
Balaprakash, Prasanna ;
Raghavan, Krishnan ;
Cappello, Franck ;
Deelman, Ewa ;
Mandal, Anirban ;
Jin, Hongwei ;
Mahmud, Imtiaz ;
Thareja, Komal ;
Wu, Shixun ;
Zuk, Pawel ;
Kiran, Mariam ;
Chen, Zizhong ;
Di, Sheng ;
Wu, Kesheng .
INTERNATIONAL JOURNAL OF HIGH PERFORMANCE COMPUTING APPLICATIONS, 2025,
12345