Abstract
An enterprise information platform (EIP) is an enterprise model-based platform aimed at model-driven enterprise design, analysis and evaluation. One of its roles is to provide a framework for the easy integration of different systems representing the processes, structures, activities, goals, information, etc., of businesses, governments or other enterprises. The topic of this paper is not the data integration or application integration of an EIP, but the integration of authorization. The paper focuses on integrating the authorizations of the workflow management system and the resource management system of an EIP. In current EIPs, workflow management and resource management usually have their own models of authorization and access control. This kind of separate authorization and access control mechanism causes many security problems. Previous studies focus on each authorization system individually, but their integration has hardly been discussed in depth. The paper presents a unified authorization and access control model that represents the privileges authorized by different systems in the same format, and thus avoids conflicts and other security problems.
© 2002 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Li, D., Hu, S., Bai, S. (2002). A Uniform Model for Authorization and Access Control in Enterprise Information Platform. In: Han, Y., Tai, S., Wikarski, D. (eds) Engineering and Deployment of Cooperative Information Systems. EDCIS 2002. Lecture Notes in Computer Science, vol 2480. Springer, Berlin, Heidelberg. https://doi.org/10.1007/3-540-45785-2_14
DOI: https://doi.org/10.1007/3-540-45785-2_14
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-44222-6
Online ISBN: 978-3-540-45785-5
eBook Packages: Springer Book Archive