|
 ABSTRACT
Web-based workflow can be used to facilitate enterprise business process while the security and flexibility are two of the most important aspects in electronic business system. RBAC is regarded as a neutral policy and has been the most popular secure model in recent years. The flexible RBAC workflow model (FRWM) has been proposed recently. It has encapsulated RBAC and workflow together considering both security and flexibility features. In this paper the enforcement of FRWM is introduced. We also present the design and implementation of a practical system for Property Right Exchange (PRES) based on FRWM, in which the flexibility of workflow can be reached through definition and execution while considering the security with RBAC.
REFERENCES
Note: OCR errors may be found in this Reference List extracted from the full text article. ACM has opted to expose the complete List rather than only correct and linked references.
 |
1
|
Gail-Joon Ahn , Ravi Sandhu , Myong Kang , Joon Park, Injecting RBAC to secure a Web-based workflow system, Proceedings of the fifth ACM workshop on Role-based access control, p.1-10, July 26-28, 2000, Berlin, Germany
[doi> 10.1145/344287.344295]
|
| |
2
|
Elisa Bertino , Elena Ferrari , Vijayalakshmi Atluri, A flexible model supporting the specification and enforcement of role-based authorization in workflow management systems, Proceedings of the second ACM workshop on Role-based access control, p.1-12, November 06-07, 1997, Fairfax, Virginia, United States
[doi> 10.1145/266741.266746]
|
| |
3
|
|
| |
4
|
|
| |
5
|
Li Hong-Chen, Shi Mei-Lin, "Workflow Models and Their Formal Descriptions", Chinese Journal of Computer, Vol. 26 No. 11, Nov. 2003, 1456--1463
|
| |
6
|
Gao Jing, Zhu Ge, "The Status and Problem of Property Rights Trade Market in China", management of Science ology and technology, 2003, 14(6):1052--1059
|
| |
7
|
Ge Sheng, Sun Ying-Lin, Huai Jin-Peng, "A Role Base Software Collaboration Environment", Journal of Computer Research And Development, Vol. 40, No. 5,
|
| |
8
|
|
| |
9
|
Petra Heinl , Stefan Horn , Stefan Jablonski , Jens Neeb , Katrin Stein , Michael Teschke, A comprehensive approach to flexibility in workflow management systems, Proceedings of the international joint conference on Work activities coordination and collaboration, p.79-88, February 22-25, 1999, San Francisco, California, United States
|
| |
10
|
R. Holbein, S. Teufel, "A Context Authentication Service for Role-based Accedd Control in Distributed System - CARDS". In Proceeding of IFIP 11th International Conference on Information Security. 1995
|
| |
11
|
|
| |
12
|
|
| |
13
|
James B. D. Joshi, etc "Generalized temporal role based access control model (GTRBA) (Part I)- specification and modeling", CERIS TR 2001-47, Purdue University
|
| |
14
|
P. J. Mangan and S. Sadiq, A constraints specification approach to building flexible workflows. Journal of Research and Practice in Information Technology, 2002
|
| |
15
|
|
| |
16
|
|
| |
17
|
|
| |
18
|
|
| |
19
|
|
| |
20
|
|
| |
21
|
|
| |
22
|
Thomas, R. K. and Sandhu R., "Task-based suthorization controls(TBAC)" proceedings of Computer Fondations Workshop X, 1997
|
| |
23
|
|
| |
24
|
WFMC. "Workflow Management Coalition: Terminology & Glossary". WFMC-TC-1011, 1999.2. Http://www.wfmc.org}
|
| |
25
|
Zhao W., Hu WH, Zhang SK, Wang LF. "Study and Application of a workflow meta-model". Journal of Software, 2003, 14(6):1052--1059
|
| |
26
|
Y. Q. SUN, etc "An Approach For Flexible RBAC Workflow System", Proceeding of 9th International Conference on Computer Supported Cooperative Work in Design (CSCWD 2005), Coventry, May, 2005 (accepted)
|
CITED BY
|
|
Yuqing Sun , Bin Gong , Xiangxu Meng , Zongkai Lin , Elisa Bertino, Specification and enforcement of flexible security policy for active cooperation, Information Sciences: an International Journal, v.179 n.15, p.2629-2642, July, 2009
|
|
Adobe Acrobat
QuickTime
Windows Media Player
Real Player
Pdf
D.4