
A Uniform Model for Authorization and Access Control in Enterprise Information Platform

  • Conference paper
Engineering and Deployment of Cooperative Information Systems (EDCIS 2002)

Part of the book series: Lecture Notes in Computer Science (LNCS, volume 2480)

Abstract

Enterprise information platform (EIP) is an enterprise model-based platform aimed at model-driven enterprise design, analysis and evaluation. One of its roles is to build up a framework for the easy integration of different systems representing the processes, structures, activities, goals, information, etc. of businesses, governments or other enterprises. The topic of this paper is not data integration or application integration in EIP, but the integration of authorization. The paper focuses on integrating the authorizations of the workflow management system and the resource management system of EIP. Workflow management and resource management in current EIPs usually have their own models of authorization and access control. This kind of separate authorization and access control mechanism causes many security problems. Previous studies focus on each authorization system individually, but their integration has hardly been discussed in depth. The paper presents a unified authorization and access control model that represents the privileges authorized by different systems in the same format, and so avoids conflicts and the other security problems that result.

Copyright information

© 2002 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Li, D., Hu, S., Bai, S. (2002). A Uniform Model for Authorization and Access Control in Enterprise Information Platform. In: Han, Y., Tai, S., Wikarski, D. (eds) Engineering and Deployment of Cooperative Information Systems. EDCIS 2002. Lecture Notes in Computer Science, vol 2480. Springer, Berlin, Heidelberg. https://doi.org/10.1007/3-540-45785-2_14

  • DOI: https://doi.org/10.1007/3-540-45785-2_14

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-540-44222-6

  • Online ISBN: 978-3-540-45785-5

  • eBook Packages: Springer Book Archive
