期刊文献+

一种基于表达式的工作流授权模型 被引量:1

An Expression-based Workflow Authorization Model
下载PDF
导出
摘要 提出了一种动态的工作流授权模型,通过表达式描述任务的触发机制和约束。与基于角色的其它模型不同,在此模型中角色仅是用户的属性之一,通过给用户定义更多的属性和基于这些属性的函数可以很容易地扩展模型。通过表达式可以描述用户和角色的权限、任务状态转换约束、任务实例数量约束、任务间的依赖关系、职责分离、时间约束、组织机构约束。约束表达式的灵活性给模型带来强大的功能和适应性。这个模型支持含有多起点、多终点、单选、多选、与聚合、或聚合、多聚合和循环的复杂工作流。 A dynamic workflow authorization model is proposed,which describes the triggers and constraints of tasks by expression.Unlike other role-based models,the role set in this model is only one property of a user.It's simple to extend the model by design more properties of users and functions.The model describes permissions of users and roles, constraints of task state transitions,count of task instances,dependencies of tasks,separation of duties,time and organization via expression.The flexible of expression brings the model capability and adaptability.This model supports complex workflows include multi startup task, multi end task, and-split, or-split, multiple-split, and-join, or-join, multiplejoin and loop.
出处 《计算机工程与应用》 CSCD 北大核心 2005年第36期158-160,178,共4页 Computer Engineering and Applications
关键词 访问控制 工作流 授权模型 RBAC access control, Workflow, authorization model, RBAC
  • 相关文献

参考文献12

  • 1Nstissc.national Information Systems Security(Infosec)Glossary[S]. Nstissi No 4009,Ft Meade,MD, USA : Nstissc,2000.
  • 2ANSI.Role Based Access Control[S].ANSI INCITS 359-2004,Washington, DC, USA : ANSI, 2004-04-02.
  • 3WfMC.Worktlow Management Coalition :Terminology & Glossary[S]. WFMC-TC-1011 ,Issue 3.0,1999.
  • 4Thomas R K,Sandhu R S.Towards a Task-based Paradigm for Flexible and Adaptable Access Control in Distributed Applications[C].In. Proceedings of the Second New Security Paradigms Workshop,New York, NY, USA:ACM Press, 1993 : 138-142.
  • 5Roshan K Thomas,Ravi S Sandhu.Task-Based Authorization Controls (TBAC):Family of Models for Active and Enterprise-Oriented Autorization Management[C].In :Proceedings of the IFIP TCll WG11.3 11th International Conference on Database Securty,London,UK:Chapman & Hall ,Ltd, 1997:166-181.
  • 6Bertino E,Bonatti PA,Ferrari E.TRBAC :A temporal role-based access control model[J].ACM Transactions on Information and System Security, 2001:4(3) :191-223.
  • 7董光宇,卿斯汉,刘克龙.带时间特性的角色授权约束[J].软件学报,2002,13(8):1521-1527. 被引量:51
  • 8黄建,卿斯汉,温红子.带时间特性的角色访问控制[J].软件学报,2003,14(11):1944-1954. 被引量:73
  • 9王小明,赵宗涛,郝克刚.工作流系统带权角色与周期时间访问控制模型[J].软件学报,2003,14(11):1841-1848. 被引量:23
  • 10Kandala S.Sandhu R.Secure role—based workflow models[C].In:Proceedings of the fifteenth annual working conference on Database and application security,Norwell,M,USA:Kluwer Academic Publishers,2001:45-58.

二级参考文献21

  • 1邓集波 洪帆.基于任务的授权模型.软件学报,2003,14(1):76~82.http://www.jos.org.cn/1000-9825/14/76.htm.,.
  • 2[1]Sandhu, R. Issues in RBAC . In: Proceedings of the ACM RBAC Workshop. MD: ACM Press, 1996. 21~24.
  • 3[2]Jaeger, T. On the increasing importance of constraints. In: Proceedings of 4th ACM Workshop on Role-Based Access Control. Fairefax, VA: ACM Press, 1999. 33~42.
  • 4[3]Ahn, G.-J. The RCL2000 language for specifying role-based authorization constraints [Ph.D. Thesis]. Fairfax, VA: George Mason University, 1999.
  • 5[4]Sandhu, R., Coyne, E.J., Feinstein, H.L., et al. Role-Based access control models. IEEE Computer, 1995,29(2):38~47.
  • 6[5]Chen, Fang, Sandhu, R. Constraints for role-based access control. In: Proceedings of the ACM RBAC Workshop. MD: ACM Press, 1996. 39~46.
  • 7Fcrraiolo DF, Sandhu R, Guirila S, Kuhn DR, Chandramouli R. Proposed NIST standard for role-based access control. ACM Transactions on Information and System Security, 2001,4(3):224-274.
  • 8Botha RA, Eloff JHP. Access control in document centric workflow system: an agent-based approach. Computers & Security, 2001,20(6):525-532.
  • 9Wu SL, Sheth A, Miller J, Luo ZW. Authorization and access control of application data in workflow system. Journal of Intelligent Information System, 2002,18(1):71 -94.
  • 10Bertino E, Bonatti PA, Ferrari E. TRBAC: A temporal role-based access control model. ACM Transactions on Information and System Security, 2001,4(3): 191-223.

共引文献121

同被引文献5

引证文献1

二级引证文献1

相关作者

内容加载中请稍等...

相关机构

内容加载中请稍等...

相关主题

内容加载中请稍等...

浏览历史

内容加载中请稍等...
;
使用帮助 返回顶部