ACM Portal
  Subscribe (Full Service)    Register (Limited Service, Free)    Login
  Search:   The ACM Digital Library   The Guide
  
ACM Home Page
Please provide us with feedback. Feedback
A flexible model supporting the specification and enforcement of role-based authorization in workflow management systems
Full text PdfPdf (1.37 MB)
Source ACM Workshop on Role Based Access Control archive
Proceedings of the second ACM workshop on Role-based access control table of contents
Fairfax, Virginia, United States
Pages: 1 - 12  
Year of Publication: 1997
ISBN:0-89791-985-8
Authors
Elisa Bertino  Dipartimento di Scienze dell'Informazione, Università di Milano, Milano, Italy
Elena Ferrari  Dipartimento di Scienze dell'Informazione, Università di Milano, Milano, Italy
Vijayalakshmi Atluri  MS/CIS Department, Rutgers University, 180 University Avenue, Newark NJ
Sponsors
DC Chapter :
NIST : National Institue of Standards & Technology
SIGSAC: ACM Special Interest Group on Security, Audit, and Control
Publisher
ACM  New York, NY, USA
Bibliometrics
Downloads (6 Weeks): 11,   Downloads (12 Months): 39,   Citation Count: 25
Additional Information:

references   cited by   index terms   collaborative colleagues  

Tools and Actions: Request Permissions Request Permissions    Review this Article  
DOI Bookmark: Use this link to bookmark this Article: http://doi.acm.org/10.1145/266741.266746
What is a DOI?

REFERENCES

Note: OCR errors may be found in this Reference List extracted from the full text article. ACM has opted to expose the complete List rather than only correct and linked references.

 
1
Vijayalakshmi Atluri , Wei-kuang Huang, An Authorization Model for Workflows, Proceedings of the 4th European Symposium on Research in Computer Security: Computer Security, p.44-64, September 25-27, 1996
 
2
E. Bertino, E. Ferrari, and V. Atluri. A Flexible Model supporting the Specification and Entbrcement of l~ole-based Authorizations in Workflow Management Systems. Technical Report, De- I)artment of Computer Science, University of Milano, January 1997.
 
3
S.K. Das. Deductive Databases and Logic Programming. Addison-Wesley, 1992.
 
4
Dimitrios Georgakopoulos , Mark Hornick , Amit Sheth, An overview of workflow management: from process modeling to workflow automation infrastructure, Distributed and Parallel Databases, v.3 n.2, p.119-153, April 1995  [doi>10.1007/BF01277643]
 
5
M. Gelfond and V. Lifschitz. The Stable Model Semantics for Logic Programming. In Proceedings of the 5th International Conference on Logic Programming, pages 1070-1080, Cambridge, Massachusetts, 1988.
6
Sushil Jajodia , Pierangela Samarati , V. S. Subrahmanian , Eliza Bertino, A unified framework for enforcing multiple access control policies, Proceedings of the 1997 ACM SIGMOD international conference on Management of data, p.474-485, May 11-15, 1997, Tucson, Arizona, United States
 
7
Dirk Jonscher , Jonathan D. Moffett , Klaus R. Dittrich, Complex Subjects, or: The Striving for Complexity is Ruling our World, Proceedings of the IFIP WG11.3 Working Conference on Database Security VII, p.19-37, September 12-15, 1993
 
8
Lotus Notes Administrator's Reference ManuaZ, Release 4. Lotus Corporation, 1996.
 
9
R. Medina-Mora, H. K.T. Wong and P. Flores. ActionWorkflowTM as the Enterprise Integration Technology. Bulletin of IEEE Technical Committee on Data Engineering, 16(2): 49-52, 1993.
 
10
Proceedings of the First A CM Workshop on Role Based Access Control, 1996.
 
11
R. Sandhu. Separation of Duties in Computerized Information Systems. Database Security IV: Status and Prospects, pages 179-189, North Holland, 1991.
 
12
Ravi S. Sandhu , Edward J. Coyne , Hal L. Feinstein , Charles E. Youman, Role-Based Access Control Models, Computer, v.29 n.2, p.38-47, February 1996  [doi>10.1109/2.485845]
 
13
R. Thomas and R. Sandhu. Task-based Authorization: A Research Project in Next-generation Active Security Models for Workflows. NSF Workshop on Workflow and Process Automation in Information Systems: State-of-the-Art and Future Directions, May, 1996.

CITED BY  25
Olga Pacheco , José Carmo, A Role Based Model for the Normative Specification of Organized Collective Agency and Agents Interaction, Autonomous Agents and Multi-Agent Systems, v.6 n.2, p.145-184, March 2003
Matunda Nyanchama , Sylvia Osborn, The role graph model and conflict of interest, ACM Transactions on Information and System Security (TISSEC), v.2 n.1, p.3-33, Feb. 1999
Walt Yao , Ken Moody , Jean Bacon, A model of OASIS role-based access control and its support for active security, Proceedings of the sixth ACM symposium on Access control models and technologies, p.171-181, May 2001, Chantilly, Virginia, United States
Luigi Giuri, Role-based access control on the Web using Java, Proceedings of the fourth ACM workshop on Role-based access control, p.11-18, October 28-29, 1999, Fairfax, Virginia, United States
Wei-Kuang Huang , Vijayalakshmi Atluri, SecureFlow: a secure Web-enabled workflow management system, Proceedings of the fourth ACM workshop on Role-based access control, p.83-94, October 28-29, 1999, Fairfax, Virginia, United States
Vijayalakshmi Atluri , Soon Ae Chun , Pietro Mazzoleni, A Chinese wall security model for decentralized workflow systems, Proceedings of the 8th ACM conference on Computer and Communications Security, November 05-08, 2001, Philadelphia, PA, USA
Luigi Giuri, Role-based access control in Java, Proceedings of the third ACM workshop on Role-based access control, p.91-100, October 22-23, 1998, Fairfax, Virginia, United States
Weigang Wang, Team-and-role-based organizational context and access control for cooperative hypermedia environments, Proceedings of the tenth ACM Conference on Hypertext and hypermedia : returning to our diverse roots: returning to our diverse roots, p.37-46, February 21-25, 1999, Darmstadt, Germany
Tanvir Ahmed , Anand R. Tripathi, Static verification of security requirements in role based CSCW systems, Proceedings of the eighth ACM symposium on Access control models and technologies, June 02-03, 2003, Como, Italy
Vijayalakshmi Atluri , Avigdor Gal, An authorization model for temporal and derived data: securing information portals, ACM Transactions on Information and System Security (TISSEC), v.5 n.1, p.62-94, February 2002
Joachim Biskup , Thomas Leineweber, State-dependent security decisions for distributed object-systems, Proceedings of the fifteenth annual working conference on Database and application security, p.105-118, July 15-18, 2001, Niagara, Ontario, Canada
Savith Kandala , Ravi Sandhu, Secure role-based workflow models, Proceedings of the fifteenth annual working conference on Database and application security, p.45-58, July 15-18, 2001, Niagara, Ontario, Canada
Jean Bacon , Ken Moody , Walt Yao, A model of OASIS role-based access control and its support for active security, ACM Transactions on Information and System Security (TISSEC), v.5 n.4, p.492-540, November 2002
Shih-Chien Chou , An-Feng Liu , Chien-Jung Wu, Preventing information leakage within workflows that execute among competing organizations, Journal of Systems and Software, v.75 n.1-2, p.109-123, 15 February 2005
Vijayalakshmi Atluri , Soon Ae Chun , Pietro Mazzoleni, Chinese wall security for decentralized workflow management systems, Journal of Computer Security, v.12 n.6, p.799-840, December 2004
Yuqing Sun , Peng Pan, PRES: a practical flexible RBAC workflow system, Proceedings of the 7th international conference on Electronic commerce, August 15-17, 2005, Xi'an, China
José Carmo , Olga Pacheco, Deontic and Action Logics for Organized Collective Agency, Modeled through Institutionalized Agents and Roles, Fundamenta Informaticae, v.48 n.2-3, p.129-163, April 2001
Gaby Herrmann , Günther Pernul, Viewing business-process security from different perspectives, International Journal of Electronic Commerce, v.3 n.3, p.89-103, March 1999
Janice Warner , Vijayalakshmi Atluri, Inter-instance authorization constraints for secure workflow management, Proceedings of the eleventh ACM symposium on Access control models and technologies, June 07-09, 2006, Lake Tahoe, California, USA
Jacques Wainer , Akhil Kumar , Paulo Barthelmess, DW-RBAC: A formal security model of delegation and revocation in workflow systems, Information Systems, v.32 n.3, p.365-384, May, 2007
Meenakshi Balasubramanian , Abhishek Bhatnagar , Namit Chaturvedi , Atish Datta Chowdhury , Arul Ganesh, A framework for decentralized access control, Proceedings of the 2nd ACM symposium on Information, computer and communications security, March 20-22, 2007, Singapore
Yan Han , Liu Fengyu , Zhang Hong, An object-oriented model of access control based on role, ACM SIGSOFT Software Engineering Notes, v.25 n.2, p.64-68, March 2000
Zhang Yi , Zhang Yong , Wang Weinong, Modeling and Analyzing of Workflow Authorization Management, Journal of Network and Systems Management, v.12 n.4, p.507-535, December 2004
Fabio Casati , Silvana Castano , Mariagrazia Fugini, Managing Workflow Authorization Constraints through Active Database Technology, Information Systems Frontiers, v.3 n.3, p.319-338, September 2001
Gilles Goncalves , Aneta Poniszewska-Maranda, Role engineering: From design to evolution of security schemes, Journal of Systems and Software, v.81 n.8, p.1306-1326, August, 2008

INDEX TERMS

Primary Classification:
  J. Computer Applications
  J.1 ADMINISTRATIVE DATA PROCESSING
      Subjects: Business

Additional Classification:
  D. Software
  D.1 PROGRAMMING TECHNIQUES

  H. Information Systems
  H.4 INFORMATION SYSTEMS APPLICATIONS

  K. Computing Milieux
  K.6 MANAGEMENT OF COMPUTING AND INFORMATION SYSTEMS


General Terms:
Algorithms, Human Factors, Languages, Management, Security

Collaborative Colleagues:
Elisa Bertino: colleagues
Elena Ferrari: colleagues
Vijayalakshmi Atluri: colleagues

The ACM Portal is published by the Association for Computing Machinery. Copyright © 2009 ACM, Inc.
Terms of Usage   Privacy Policy   Code of Ethics   Contact Us

Useful downloads: Adobe Acrobat    QuickTime    Windows Media Player    Real Player