Title :
Graph-based delegation authorization in workflow
Author_Institution :
R&D Center of CAD, Shenyang Ligong Univ., Shenyang, China
Abstract :
Using graph transformation as a formalism to specify access control has several advantages, from the intuition provided by the visual aspect to the precise semantics and the systematic verification of constraints. Graph transformations provide a uniform and precise framework for the specification of access control policies. After reviewing the basic notations of graph transformation, this article presents specification formalisms for workflow delegation policies using graph transformation. The authorization states are represented by graphs and state transition by graph transformation. The proposed formalization provides an intuitive description for the manipulation of graph structures as they occur in workflow delegation and a precise specification of consistency conditions on graphs and graph transformations. We specifies a type graph to represents the type information in the graph transformation for workflow delegation, a set of rules to build the system states and sets of positive and negative constraints to specify wanted and unwanted framework.
Keywords :
authorisation; formal specification; graph theory; workflow management software; access control policies; graph transformation; graph-based delegation authorization; specification formalism; state transition; systematic verification; workflow delegation policies; Access control; Authorization; Business process re-engineering; CADCAM; Computer aided manufacturing; Cost function; Graph theory; Information security; Research and development; Visualization; Delegation; Graph; Graph Transformation; Workflow;
Conference_Titel :
Control and Decision Conference, 2009. CCDC '09. Chinese
Conference_Location :
Guilin
Print_ISBN :
978-1-4244-2722-2
Electronic_ISBN :
978-1-4244-2723-9
DOI :
10.1109/CCDC.2009.5192203
