Strathprints Home | Open Access | Browse | Search | User area | Copyright | Help | Library Home | SUPrimo

Authorization and access control of application data in Workflow systems

Wu, S. and Sheth, A. and Miller, J. and Luo, Z. (2002) Authorization and access control of application data in Workflow systems. Journal of Intelligent Information Systems, 18 (1). pp. 71-94. ISSN 0925-9902

[img]
Preview
PDF (strathprints001905.pdf)
Download (309Kb) | Preview

    Abstract

    Workflow Management Systems (WfMSs) are used to support the modeling and coordinated execution of business processes within an organization or across organizational boundaries. Although some research efforts have addressed requirements for authorization and access control for workflow systems, little attention has been paid to the requirements as they apply to application data accessed or managed by WfMSs. In this paper, we discuss key access control requirements for application data in workflow applications using examples from the healthcare domain, introduce a classification of application data used in workflow systems by analyzing their sources, and then propose a comprehensive data authorization and access control mechanism for WfMSs. This involves four aspects: role, task, process instance-based user group, and data content. For implementation, a predicate-based access control method is used. We believe that the proposed model is applicable to workflow applications and WfMSs with diverse access control requirements.

    Item type: Article
    ID code: 1905
    Keywords: Workflow management system, authorization, access control, predicate-based access control, workflow process metadata-data, security, workflow repository, Electronic information resources
    Subjects: Bibliography. Library Science. Information Resources > Information resources > Electronic information resources
    Department: Faculty of Science > Computer and Information Sciences
    Faculty of Science > Computer and Information Sciences > Computer Science
    Faculty of Engineering > Electronic and Electrical Engineering
    Related URLs:
    Depositing user: Strathprints Administrator
    Date Deposited: 05 Nov 2006
    Last modified: 19 Jul 2013 23:36
    URI: http://strathprints.strath.ac.uk/id/eprint/1905

    Actions (login required)

    View Item

    Fulltext Downloads: