45,335 Hits in 3.3 sec

The consistency of task-based authorization constraints in workflow systems

Kaijun Tan, J. Crampton, C.A. Gunter
Proceedings. 17th IEEE Computer Security Foundations Workshop, 2004.  
Workflow management systems (WFMSs) have attracted a lot of interest both in academia and the business community.  ...  A workflow consists of a collection of tasks that are organized to facilitate some business process specification.  ...  The scheme is based on a model for separation of duty constraints in role-based systems [10] . We identify two constraint types: cardinality constraints and entailment constraints.  ... 
doi:10.1109/csfw.2004.1310739 fatcat:a2kicgwvpzalznpwlnjmwizykm

Supporting Delegation in Secure Workflow Management Systems [chapter]

Vijayalakshmi Atluri, Elisa Bertino, Elena Ferrari, Pietro Mazzoleni
2004 IFIP International Federation for Information Processing  
In particular, we introduce the notion of delegation consistency and propose algorithms to assign tasks to users such that they guarantee delegation consistency.  ...  In addition to simple authorization rules specifying which subject/role can execute a task in a workflow, many business processes require support for more complex authorization constraints, such as separation  ...  Authorization Constraints in Workflow The Workflow model As in most WFMSs, we assume that a workflow consists of several tasks to be executed sequentially.  ... 
doi:10.1007/1-4020-8070-0_14 fatcat:bajvejfnmzgj5cz7cjp6hjqokm

Security for Workflow Systems

Vijay Atluri
2001 Information Security Technical Report  
This workflow consists of four tasks: preparing a claim (T 1 ), approving the claim (T 2 ), issuing a check (T 3 ), and notifying the employee in case of declination (T 4 ).  ...  Dynamic constraints: These constraints can be evaluated only during the execution of a workflow, because they express restrictions based on the execution history of the workflow.  ... 
doi:10.1016/s1363-4127(01)00207-2 fatcat:ivpa5blkgzcbvbo34pou5fmw4e

Role-based authorizations for workflow systems in support of task-based separation of duty

Duen-Ren Liu, Mei-Yu Wu, Shu-Teng Lee
2004 Journal of Systems and Software  
Role-based authorizations for assigning tasks of workflows to roles/users are crucial to security management in workflow management systems.  ...  Different from existing work, the proposed authorization model considers the AND/XOR split structures of workflows and execution dependency among tasks to enforce separation of duties in assigning tasks  ...  Acknowledgement The authors would like to thank the National Science Council of the Republic of China for financially supporting this research under contract no.  ... 
doi:10.1016/s0164-1212(03)00175-4 fatcat:zeujofklarhjzi23qq54azmezu

Design of an Integrated Role-Based Access Control Infrastructure for Adaptive Workflow Systems

Nanjangud C Narendra
2003 Journal of Computing and Information Technology  
With increasing numbers of organizations automating their business processes by using workflow systems, security aspects of workflow systems has become a heavily researched area.  ...  In this paper, we investigate this important research topic, with emphasis on Role-Based Access Control (RBAC) in Adaptive Workflow.  ...  The author wishes to thank his manager, Srinidhi Srinath and the SES Director, Padma Ravichanger, for their support.  ... 
doi:10.2498/cit.2003.04.04 fatcat:q22jjc76kbh2rdtqmesrdietwi

Extending the BFA Workflow Authorization Model to Express Weighted Voting [chapter]

Savith Kandala, Ravi Sandhu
2000 IFIP Advances in Information and Communication Technology  
Bertino, Ferrari and Atluri (BFA) have recently presented a model for specifying and enforcing authorization constraints for Workflow Management Systems (WFMS).  ...  The model is comprehensive and exhibits strong properties such as (1) a language to express constraints, (2) formal notions of constraint consistency and (3) algorithms for role-task and user-task assignments  ...  The Constraint-Base associated with W (written CB (W)) consists of a set of explicit, assignment and integrity rules.  ... 
doi:10.1007/978-0-387-35508-5_10 fatcat:67xgm3szo5g35fx4ryhazubr7q

Modelling and analyzing the authorization and execution of video workflows

Ligang He, Chenlin Huang, Kenli Li, Hao Chen, Jianhua Sun, Bo Gao, Kewei Duan, Stephen A. Jarvis
2011 2011 18th International Conference on High Performance Computing  
Various types of authorization constraint are modeled in this paper, and scheduled activities are also supported in the model.  ...  Based on the model analysis, this paper further proposes the methods to improve performance in the presence of authorization policies.  ...  SIMULATION RESULTS This section presents the simulation results of the CTPN model constructed for an exemplar workflow. The workflow consists of 7 tasks, whose topology is shown in Figure 5 .  ... 
doi:10.1109/hipc.2011.6152727 dblp:conf/hipc/HeHLCSGDJ11 fatcat:n7gdofubcrfrdfnuq2rulguydu

On Capturing Process Requirements of Workflow Based Business Information Systems [chapter]

Wasim Sadiq, Maria E. Orlowska
1999 BIS '99  
It is essential to correctly and effectively capture the workflow specific requirements of business information systems before their deployment through workflow management systems.  ...  The workflow technology manages the execution of business activities and coordinates the flow of information throughout the enterprise.  ...  The concept of transactions is used in transaction processing systems to maintain the consistency of information systems in case of system and transaction failures and concurrent updates to the underlying  ... 
doi:10.1007/978-1-4471-0875-7_23 dblp:conf/bis/SadiqO99 fatcat:4gueceqhjngybmr6qic7ivjndq

Allocating Resources for Workflows Running under Authorization Control

Ligang He, Nadeem Chaudhary, Stephen A. Jarvis, Kenli Li
2012 2012 ACM/IEEE 13th International Conference on Grid Computing  
This paper investigates the issue of allocating resources for running workflows under the role-based authorization control.  ...  However, the authorization policies impose further constraints on task executions, and therefore may incur performance penalty and affect both application-and system-oriented performance.  ...  Then we run the workflows consisting of only human tasks under authorization constraints on both resource allocation settings.  ... 
doi:10.1109/grid.2012.22 dblp:conf/grid/HeCJL12 fatcat:pqsbc4fmxbfrblhufngbm5bu7y

Secure Role-Based Workflow Models [chapter]

Savith Kandala, Ravi Sandhu
2002 Database and Application Security XV  
The Task-Based Authorization Control (TBAC) [12] model was introduced to provide the notion of just-in-time permissions.  ...  The nature of permissions is highly dependent upon the implementation details of the system, so we interpret the permissions for a Workflow system in terms of its components such as tasks, instances of  ...  ACKNOWLEDGEMENT This work is partially supported by the National Science Foundation at George Mason University.  ... 
doi:10.1007/978-0-387-35587-0_4 fatcat:ekfwoqtjhvbdzjneefjjm6sbq4

Developing security-aware resource management strategies for workflows

Ligang He, Nadeem Chaudhary, Stephen A. Jarvis
2014 Future generations computer systems  
This paper investigates the issue of allocating resources for running workflows under the role-based authorization control, which is one of the most popular authorization mechanisms.  ...  However, the security policies impose further constraints on task executions, and therefore may affect both application-and system-oriented performance.  ...  Acknowledgement This work is supported by the Leverhulme Trust (grant number RPG-101).  ... 
doi:10.1016/j.future.2013.09.030 fatcat:nkhy5j4givhe7oa3v2wbuxwuku

Performance analysis and optimization for workflow authorization

Cheng Chang, Ligang He, Nadeem Chaudhary, Songling Fu, Hao Chen, Jianhua Sun, Kenli Li, Zhangjie Fu, Ming-Liang Xu
2017 Future generations computer systems  
Many workflow management systems have been developed to enhance the performance of workflow executions. The authorization policies deployed in the system may restrict the task executions.  ...  The authorization analysis methods are also extended to analyze the stochastic workflows, in which the tasks' execution times are not known exactly, but follow certain probability distributions.  ...  Based on the delay analysis, we further propose a optimized method of authorizing the tasks in a workflow, called the GAA (Global Authorization-Aware) method.  ... 
doi:10.1016/j.future.2016.09.011 fatcat:qsy5zgviujh4lennjgxwknldra

A Survey on Workflow Satisfiability, Resiliency, and Related Problems [article]

Daniel Ricardo dos Santos, Silvio Ranise
2017 arXiv   pre-print
Workflow management systems and workflow-driven applications need to enforce security policies in the form of access control, specifying which users can execute which tasks, and authorization constraints  ...  The Workflow Satisfiability Problem (WSP) asks whether there exists an assignment of users to tasks in a workflow such that every task is executed and the policy is not violated.  ...  Acknowledgement This work has been partly supported by the EU under grant 317387 SECEN-TIS (FP7-PEOPLE-2012-ITN).  ... 
arXiv:1706.07205v1 fatcat:r54f5z6ykvaojpleu6cjwqtmni

Satisfiability and Feasibility in a Relationship-Based Workflow Authorization Model [chapter]

Arif Akram Khan, Philip W. L. Fong
2012 Lecture Notes in Computer Science  
A workflow authorization model is defined in the framework of Relationship-Based Access Control (ReBAC), in which the protection state is a social network.  ...  The adoption of this language renders workflow feasibility NP-complete in the general case but polynomial-time decidable for an important family of workflows.  ...  This work is supported in part by an NSERC Discovery Grant and a Canada Research Chair.  ... 
doi:10.1007/978-3-642-33167-1_7 fatcat:zpmfvh3ceff7th22wkrs7woevu

Analyzing the performance impact of authorization constraints and optimizing the authorization methods for workflows

Nadeem Chaudhary, Ligang He
2013 20th Annual International Conference on High Performance Computing  
Many workflow management systems have been developed to enhance the performance of workflow executions. The authorization policies deployed in the system may restrict the task executions.  ...  The common authorization constraints include role constraints, Separation of Duty (SoD), Binding of Duty (BoD) and temporal constraints.  ...  ACKNOWLEDGMENT This work is supported by the Leverhulme Trust (grant number RPG-101).  ... 
doi:10.1109/hipc.2013.6799115 dblp:conf/hipc/ChaudharyH13 fatcat:r2kxq4lh75etvbu5a3gxqxgs5m
« Previous Showing results 1 — 15 out of 45,335 results