Data di Pubblicazione:
1999
Citazione:
Rules and patterns for security in workflow systems / S. Castano, M. Grazia Fugini - In: Database Security XII: Status and Prospects[s.l] : Kluwer, 1999. - ISBN 0-7923-8488-1. (( convegno Proceedings of Annual Working Conference on Database Security: Status and Prospects tenutosi a Chalkidiki, Greece nel 15-17 July 1998.
Abstract:
Assignment of tasks to agents in a workflow (WF) system should occur according to security policies regarding user authorizations to access data and documents through the WF tasks. The paper presents an approach for discretionary secure assignment of tasks to agents taking into account authorization constraints, in the framework of the WIDE (Workflow Interactive Development Environment) WF management system. The approach is based on the concepts of role, agent, and task, and on authorization patterns and rules. Security rules (or triggers) specify which actions (e.g., security warnings, logs, audit actions) should be taken when a security violation (event) occurs, following the ECA paradigm of active databases. A basic set of rules is provided in the abstracted form of authorization patterns which are generic rule skeletons to be properly instantiated to enforce authorization constraints in a given WF application
Tipologia IRIS:
03 - Contributo in volume
Elenco autori:
S. Castano, M. Grazia Fugini
Link alla scheda completa:
Titolo del libro:
Database Security XII: Status and Prospects