|
| This Article | ||
| ||
| Share | ||
| Bibliographic References | ||
| Add to: | ||
 Digg  Furl  Spurl  Blink  Simpy  Google  Del.icio.us  Y!MyWeb | ||
| Search | ||
| ||
2011 Sixth International Conference on Availability, Reliability and Security
AW-RBAC: Access Control in Adaptive Workflow Systems
Vienna, Austria
August 22-August 26
ISBN: 978-0-7695-4485-4
| ASCII Text | x | ||
| Maria Leitner, Stefanie Rinderle-Ma, Jürgen Mangler, "AW-RBAC: Access Control in Adaptive Workflow Systems," 2012 Seventh International Conference on Availability, Reliability and Security, pp. 27-34, 2011 Sixth International Conference on Availability, Reliability and Security, 2011. | |||
| BibTex | x | ||
| @article{ 10.1109/ARES.2011.15, author = {Maria Leitner and Stefanie Rinderle-Ma and Jürgen Mangler}, title = {AW-RBAC: Access Control in Adaptive Workflow Systems}, journal ={2012 Seventh International Conference on Availability, Reliability and Security}, volume = {0}, year = {2011}, isbn = {978-0-7695-4485-4}, pages = {27-34}, doi = {http://doi.ieeecomputersociety.org/10.1109/ARES.2011.15}, publisher = {IEEE Computer Society}, address = {Los Alamitos, CA, USA}, } | |||
| RefWorks Procite/RefMan/Endnote | x | ||
| TY - CONF JO - 2012 Seventh International Conference on Availability, Reliability and Security TI - AW-RBAC: Access Control in Adaptive Workflow Systems SN - 978-0-7695-4485-4 SP27 EP34 A1 - Maria Leitner, A1 - Stefanie Rinderle-Ma, A1 - Jürgen Mangler, PY - 2011 KW - RBAC KW - Access Control KW - Process-Aware Information Systems VL - 0 JA - 2012 Seventh International Conference on Availability, Reliability and Security ER - | |||
DOI Bookmark: http://doi.ieeecomputersociety.org/10.1109/ARES.2011.15
Flexibility is one of the key challenges for Workflow Systems nowadays. Typically, a workflow covers the following four aspects which might all be subject to change: control flow, data flow, organizational structures, and application components (services). Existing work in research and practice shows that changes must be applied in a controlled manner in order to avoid security problems. In this context, attempts have been made to manage administrative or operative changes using role-based access control (RBAC) models. However, most approaches focus on either administrative changes such as role updating and administration or operative changes, for example, inserting a new activity into a running workflow instance. The distinct handling of certain changes is cumbersome and hence should be reduced by introducing a RBAC model that pays attention to all kinds of possible workflow changes. Hence, in this paper, we present an extended RBAC model for adaptive workflow systems (AW-RBAC) that includes change operations and a variety of objects that are subject to change within workflow systems. Under such a model supervised administrative and operative changes can be enforced on a set of objects in workflow systems. Doing so, the AW-RBAC model improves security during workflow changes and reduces administration costs. The AW-RBAC model is evaluated by means of practical examples and a proof-of-concept implementation.
Index Terms:
RBAC, Access Control, Process-Aware Information Systems
Citation:
Maria Leitner, Stefanie Rinderle-Ma, Jürgen Mangler, "AW-RBAC: Access Control in Adaptive Workflow Systems," ares, pp.27-34, 2011 Sixth International Conference on Availability, Reliability and Security, 2011
Usage of this product signifies your acceptance of the Terms of Use.