Data di Pubblicazione:
1998
Citazione:
Enforcing workflow authorization constraints using triggers / F. Casati, S. Castano, M. Fugini. - In: JOURNAL OF COMPUTER SECURITY. - ISSN 0926-227X. - 6:4(1998), pp. 257-285. [10.3233/JCS-1998-6403]
Abstract:
Workflow design involves modeling different aspects of a business process as well as security requirements. This paper presents an approach based on triggers to specify and enforce workflow authorization constraints for a flexible assignment of tasks to roles and agents. The approach has been conceived in the framework of the WIDE workflow management system. Authorization triggers specify when and how the set of authorizations for a given workflow should be changed and which actions should be taken by the system or by the administrator. A basic set of triggers is provided enforcing security policies common to workflow systems. Methodological issues related to trigger design for a given workflow application are discussed and an approach based on authorization patterns is illustrated. The paper shows how authorization patterns can be instantiated into triggers and discusses briefly aspects related to the analysis of a set of authorization triggers defined for a given workflow application
Tipologia IRIS:
01 - Articolo su periodico
Elenco autori:
F. Casati, S. Castano, M. Fugini
Link alla scheda completa: