Managing access and flow control requirements in distributed workflows

Author

Ayed, Samiha ; Cuppens-Boulahia, Nora ; Cuppens, Frédéric

Author_Institution

Telecommun. Bretagne, Cesson-Sevigne

fYear

2008

fDate

March 31 2008-April 4 2008

Firstpage

702

Lastpage

710

Abstract

Workflows are operational business processes. Workfow Management Systems (WFMS) are concerned with the control and coordination of these workflows. In recent years, there has been a trend to integrate WFMS in distributed inter-organizational systems. In this case malfunctioning of one WFMS can affect more than one organization, making the correct functioning of a WFMS a critical issue. Thus, an important function of WFMS is to enforce the security of these inter-organizational workflows. Several works have been done to integrate the security aspects in the workflow specification. Unfortunately, these research works generally adopt a centralized management approach and are based on static access control models. Therefore, they do not deal with flow control, a very important requirement in WFMS. In this paper, we suggest a decentralized and dynamic approach to handle a security policy in workflows taking into account access and flow control.

Keywords

access control; workflow management software; distributed workflows; flow control; operational business processes; static access control models; workfow management systems; Access control; Control systems; Data security; Distributed control; Fluid flow measurement; History; Information security; Petri nets; Proposals; Telecommunication control; DTE; OrBAC; Petri Nets; Security Policy; WFMS;

fLanguage

English

Publisher

ieee

Conference_Titel

Computer Systems and Applications, 2008. AICCSA 2008. IEEE/ACS International Conference on

Conference_Location

Doha

Print_ISBN

978-1-4244-1967-8

Electronic_ISBN

978-1-4244-1968-5

Type

conf

DOI

10.1109/AICCSA.2008.4493605

Filename

4493605