SecureFlow: A secure web-enabled Workflow Management System

被引：48

作者：

Huang, WK ^{[1
]}

Atluri, V ^{[1
]}

机构：

[1] Univ Connecticut, Dept Operat & Informat Management, Storrs, CT 06269 USA

来源：

FOURTH ACM WORKSHOP ON ROLE-BASED ACCESS CONTROL, PROCEEDINGS | 1999年

关键词：

D O I：

10.1145/319171.319179

中图分类号：

TP [自动化技术、计算机技术];

学科分类号：

0812 ;

摘要：

The objective of this paper is to present a web-based Workflow Management System (WFMS), called SecureFlow that can serve as a framework for specification and enforcement of complex security policies within a workflow, such as separation of duties. The main advantage of SecureFlow is that it uses a simple 4GL language such as SQL to specify authorization constraints, thereby improving flexibility and user-friendliness. Due to the modular nature of the SecureFlow architecture, the security specification and enforcement modules can be layered on top of existing workflow systems that do not provide adequate support for security. SecureFlow relies on the Workflow Authorization Model (WAM) recently proposed by Atluri and Huang.

引用

页码：83 / 94

页数：12

共 16 条

[1] ADAM NR, 1998, J INTELLIGENT INFORM, V10
[2] ATLURI V, 1999, IN PRESS J COMPUTER
[3] ATLURI V, 1996, LECT NOTES COMPUTER, V1146
[4] BERTINO E, 1997, P 2 ACM WORKSH ROL B
[5] BUSSLER C, 1996, ACM SIGOSIS B, V17, P17
[6] Clark D. D., 1987, Proceedings of the 1987 IEEE Symposium on Security and Privacy (Cat. No.87CH2416-6), P184
[7] DAYAL U, 1997, ADV WORKFLOW MANAGEM, P343
[8] EDER J, 1997, ADV WORKFLOW MANAGEM, P129
[9] HUANG WK, 1998, P 12 IFIP WG 11 3 WO
[10] *IBM, 1996, PUBL IBM

← 1 2 →