The execution of workflow processes requires authorizations for enforcing the assignment of tasks to agents. either human or automated, according to the security policy of the organization. This paper presents a workflow authorization framework based on roles and organizational levels, and on authorization constraints. To facilitate the assignment of tasks to agents, roles and organizational levels are organized into hierarchies. Authorization constraints are introduced to specify instance-dependent, time-dependent. and history-dependent authorizations. Authorization constraints are specified in terms of active rules, used also for authorization management. The Workflow Management System determines authorized agents on the basis of the contents of an authorization base maintained through the active rules defined in the system.

Managing workflow authorization constraints through active database technology / F. Casati, S. Castano, M. Fugini. - In: INFORMATION SYSTEMS FRONTIERS. - ISSN 1387-3326. - 3:3(2001), pp. 319-338. [10.1023/A:1011461409620]

Managing workflow authorization constraints through active database technology

S. Castano
Secondo
;
2001

Abstract

The execution of workflow processes requires authorizations for enforcing the assignment of tasks to agents. either human or automated, according to the security policy of the organization. This paper presents a workflow authorization framework based on roles and organizational levels, and on authorization constraints. To facilitate the assignment of tasks to agents, roles and organizational levels are organized into hierarchies. Authorization constraints are introduced to specify instance-dependent, time-dependent. and history-dependent authorizations. Authorization constraints are specified in terms of active rules, used also for authorization management. The Workflow Management System determines authorized agents on the basis of the contents of an authorization base maintained through the active rules defined in the system.
Workflows ; authorizations ; authorization constraints ; roles ; active databases ; triggers
Settore INF/01 - Informatica
2001
Article (author)
File in questo prodotto:
Non ci sono file associati a questo prodotto.
Pubblicazioni consigliate

I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.

Utilizza questo identificativo per citare o creare un link a questo documento: https://hdl.handle.net/2434/179645
Citazioni
  • ???jsp.display-item.citation.pmc??? ND
  • Scopus 67
  • ???jsp.display-item.citation.isi??? 31
social impact