The specification and enforcement of authorization constraints in workflow management systems

Published: 01 February 1999

Abstract

In recent years, workflow management systems (WFMSs) have gained popularity in both research and commercial sectors. WFMSs are used to coordinate and streamline business processes. Very large WFMSs are often used in organizations with users in the range of several thousands and process instances in the range of tens and thousands. To simplify the complexity of security administration, it is common practice in many businesses to allocate a role for each activity in the process and then assign one or more users to each role—granting an authorization to roles rather than to users. Typically, security policies are expressed as constraints (or rules) on users and roles; separation of duties is a well-known constraint. Unfortunately, current role-based access control models are not adequate to model such constraints. To address this issue we (1) present a language to express both static and dynamic authorization constraints as clauses in a logic program; (2) provide formal notions of constraint consistency; and (3) propose algorithms to check the consistency of constraints and assign users and roles to tasks that constitute the workflow in such a way that no constraints are violated.

      Reviews

      Jaak Tepandi

      Workflow management systems (WFMSs) are used to implement and control business processes. This comprehensive research paper addresses security policies within WFMSs. To manage security administration, a role is often assigned to each activity in the process. One or more users are assigned to each role; the system grants authorization to roles rather than to users. Security policies are then expressed as constraints on users and roles. A well-known example of a constraint on security policies is separation of duties. The authors present a language for expressing both static and dynamic authorization constraints as clauses in a logic program. Formal notions of constraint consistency are provided. The authors propose algorithms to check the consistency of constraints and to assign users to tasks that constitute the workflow in such a way that constraints are not violated. The use of logic programs as a formal notation for representing the authorization constraints allows the formalization of the complex problem of representing authorization constraints and presenting formal proofs of their consistency. However, it may make the paper more difficult to read, especially for readers with no background in formal logic. The assumption made in the paper that all the tasks in a workflow are executed sequentially, according to a specified total order, is often invalid in real-life WFMSs. This paper may be useful to researchers and developers in this area.

      • Published in

        ACM Transactions on Information and System Security, Volume 2, Issue 1
        Special issue on role-based access control
        Feb. 1999
        135 pages
        ISSN: 1094-9224
        EISSN: 1557-7406
        DOI: 10.1145/300830

        Copyright © 1999 ACM

        Publisher

        Association for Computing Machinery

        New York, NY, United States
