W-RBAC — A Workflow Security Model Incorporating Controlled Overriding of Constraints

Jacques Wainer, Paulo Barthelmess, Akhil Kumar
2003 International Journal of Cooperative Information Systems  
This paper presents a pair of role-based access control models for workflow systems, collectively known as the W-RBAC models. The first of these models, W0-RBAC is based on a framework that couples a powerful RBAC-based permission service and a workflow component with clear separation of concerns for ease of administration of authorizations. The permission service is the focus of the work, providing an expressive logic-based language for the selection of users authorized to perform workflow
more » ... s, with preference ranking. W1-RBAC extends the basic model by incorporating exception handling capabilities through controlled and systematic overriding of constraints.
doi:10.1142/s0218843003000814 fatcat:gfpcv74atzbw7g2xbpzfby4zlu