Title :
Managing access and flow control requirements in distributed workflows
Author :
Ayed, Samiha ; Cuppens-Boulahia, Nora ; Cuppens, Frédéric
Author_Institution :
Telecommun. Bretagne, Cesson-Sevigne
fDate :
March 31 2008-April 4 2008
Abstract :
Workflows are operational business processes. Workfow Management Systems (WFMS) are concerned with the control and coordination of these workflows. In recent years, there has been a trend to integrate WFMS in distributed inter-organizational systems. In this case malfunctioning of one WFMS can affect more than one organization, making the correct functioning of a WFMS a critical issue. Thus, an important function of WFMS is to enforce the security of these inter-organizational workflows. Several works have been done to integrate the security aspects in the workflow specification. Unfortunately, these research works generally adopt a centralized management approach and are based on static access control models. Therefore, they do not deal with flow control, a very important requirement in WFMS. In this paper, we suggest a decentralized and dynamic approach to handle a security policy in workflows taking into account access and flow control.
Keywords :
access control; workflow management software; distributed workflows; flow control; operational business processes; static access control models; workfow management systems; Access control; Control systems; Data security; Distributed control; Fluid flow measurement; History; Information security; Petri nets; Proposals; Telecommunication control; DTE; OrBAC; Petri Nets; Security Policy; WFMS;
Conference_Titel :
Computer Systems and Applications, 2008. AICCSA 2008. IEEE/ACS International Conference on
Conference_Location :
Doha
Print_ISBN :
978-1-4244-1967-8
Electronic_ISBN :
978-1-4244-1968-5
DOI :
10.1109/AICCSA.2008.4493605
