9 January 2008 Research on a dynamic workflow access control model
Author Affiliations +
Proceedings Volume 6794, ICMIT 2007: Mechatronics, MEMS, and Smart Materials; 679440 (2008) https://doi.org/10.1117/12.784024
Event: ICMIT 2007: Mechatronics, MEMS, and Smart Materials, 2007, Gifu, Japan
Abstract
In recent years, the access control technology has been researched widely in workflow system, two typical technologies of that are RBAC (Role-Based Access Control) and TBAC (Task-Based Access Control) model, which has been successfully used in the role authorizing and assigning in a certain extent. However, during the process of complicating a system's structure, these two types of technology can not be used in minimizing privileges and separating duties, and they are inapplicable when users have a request of frequently changing on the workflow's process. In order to avoid having these weakness during the applying, a variable flow dynamic role_task_view (briefly as DRTVBAC) of fine-grained access control model is constructed on the basis existed model. During the process of this model applying, an algorithm is constructed to solve users' requirements of application and security needs on fine-grained principle of privileges minimum and principle of dynamic separation of duties. The DRTVBAC model is implemented in the actual system, the figure shows that the task associated with the dynamic management of role and the role assignment is more flexible on authority and recovery, it can be met the principle of least privilege on the role implement of a specific task permission activated; separated the authority from the process of the duties completing in the workflow; prevented sensitive information discovering from concise and dynamic view interface; satisfied with the requirement of the variable task-flow frequently.
© (2008) COPYRIGHT Society of Photo-Optical Instrumentation Engineers (SPIE). Downloading of the abstract is permitted for personal use only.
Yiliang Liu, Yiliang Liu, Jinxia Deng, Jinxia Deng, } "Research on a dynamic workflow access control model", Proc. SPIE 6794, ICMIT 2007: Mechatronics, MEMS, and Smart Materials, 679440 (9 January 2008); doi: 10.1117/12.784024; https://doi.org/10.1117/12.784024
PROCEEDINGS
7 PAGES


SHARE
Back to Top