Workflow design involves modeling different aspects of a business process as well as security requirements. This paper presents an approach based on triggers to specify and enforce workflow authorization constraints for a flexible assignment of tasks to roles and agents. The approach has been conceived in the framework of the WIDE workflow management system. Authorization triggers specify when and how the set of authorizations for a given workflow should be changed and which actions should be taken by the system or by the administrator. A basic set of triggers is provided enforcing security policies common to workflow systems. Methodological issues related to trigger design for a given workflow application are discussed and an approach based on authorization patterns is illustrated. The paper shows how authorization patterns can be instantiated into triggers and discusses briefly aspects related to the analysis of a set of authorization triggers defined for a given workflow application

Enforcing workflow authorization constraints using triggers / F. Casati, S. Castano, M. Fugini. - In: JOURNAL OF COMPUTER SECURITY. - ISSN 0926-227X. - 6:4(1998), pp. 257-285. [10.3233/JCS-1998-6403]

Enforcing workflow authorization constraints using triggers

S. Castano
Secondo
;
1998

Abstract

Workflow design involves modeling different aspects of a business process as well as security requirements. This paper presents an approach based on triggers to specify and enforce workflow authorization constraints for a flexible assignment of tasks to roles and agents. The approach has been conceived in the framework of the WIDE workflow management system. Authorization triggers specify when and how the set of authorizations for a given workflow should be changed and which actions should be taken by the system or by the administrator. A basic set of triggers is provided enforcing security policies common to workflow systems. Methodological issues related to trigger design for a given workflow application are discussed and an approach based on authorization patterns is illustrated. The paper shows how authorization patterns can be instantiated into triggers and discusses briefly aspects related to the analysis of a set of authorization triggers defined for a given workflow application
Settore INF/01 - Informatica
Article (author)
File in questo prodotto:
Non ci sono file associati a questo prodotto.
Pubblicazioni consigliate

Caricamento pubblicazioni consigliate

I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.

Utilizza questo identificativo per citare o creare un link a questo documento: https://hdl.handle.net/2434/179525
Citazioni
  • ???jsp.display-item.citation.pmc??? ND
  • Scopus 3
  • ???jsp.display-item.citation.isi??? ND
social impact