The execution of workflow processes requires authorizations for enforcing the assignment of tasks to agents. either human or automated, according to the security policy of the organization. This paper presents a workflow authorization framework based on roles and organizational levels, and on authorization constraints. To facilitate the assignment of tasks to agents, roles and organizational levels are organized into hierarchies. Authorization constraints are introduced to specify instance-dependent, time-dependent. and history-dependent authorizations. Authorization constraints are specified in terms of active rules, used also for authorization management. The Workflow Management System determines authorized agents on the basis of the contents of an authorization base maintained through the active rules defined in the system.
Managing workflow authorization constraints through active database technology / F. Casati, S. Castano, M. Fugini. - In: INFORMATION SYSTEMS FRONTIERS. - ISSN 1387-3326. - 3:3(2001), pp. 319-338.
|Titolo:||Managing workflow authorization constraints through active database technology|
CASTANO, SILVANA (Secondo)
|Parole Chiave:||Workflows ; authorizations ; authorization constraints ; roles ; active databases ; triggers|
|Settore Scientifico Disciplinare:||Settore INF/01 - Informatica|
|Data di pubblicazione:||2001|
|Digital Object Identifier (DOI):||http://dx.doi.org/10.1023/A:1011461409620|
|Appare nelle tipologie:||01 - Articolo su periodico|