Abstract
The traditional Role Based Access Control (RBAC) model can be applied to WorkFlow Management System (WFMS) well, but there are some issues. Since the senior roles inherit all the permissions of the junior roles and all the permissions are accumulated for the top senior role, applying the traditional RBAC to WFMS does not meet the access control requirements: least privilege principle, Separation of Duty (SoD). To tackle these, we propose applying Restricted Permission Inheritance RBAC to WFMS authorization and evaluate the advantages and benefits of them in design time and runtime.
This paper was supported by University IT Research Center Project and partially by Wonkwang University in 2001
Chapter PDF
Similar content being viewed by others
References
Ferraiolo, D.F., Richard Kuhn, D., Chandramouli, R.: Role-Based Access Control. Artech House Publishers, Norwood (ISBN 1-58053-370-1)
Yi, Y.H., Kim, M., et al.: Applying RBAC Providing Restricted Permission Inheritance to a Corporate Web Environment. In: Zhou, X., Zhang, Y., Orlowska, M.E. (eds.) APWeb 2003. LNCS, vol. 2642, pp. 287–292. Springer, Heidelberg (2003)
Bertino, E., Ferrari, E., Atluri, V.: The Specification and Enforcement of Authorization Constraints in Workflow Management Systems. ACM Transactions on Information and System Security 2(1), 65–104 (1999)
Kandala, S., Sandhu, R.: Extending the BFA Workflow Authorization Model to Express Weighted Voting. In: Database Security XIII: Status and Prospects, Kluwer, Dordrecht (2000)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2004 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Lee, S., Kim, Y., Noh, B., Lee, H. (2004). A New Authorization Model for Workflow Management System Using the RPI-RBAC Model. In: Bubak, M., van Albada, G.D., Sloot, P.M.A., Dongarra, J. (eds) Computational Science - ICCS 2004. ICCS 2004. Lecture Notes in Computer Science, vol 3036. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-24685-5_109
Download citation
DOI: https://doi.org/10.1007/978-3-540-24685-5_109
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-22114-2
Online ISBN: 978-3-540-24685-5
eBook Packages: Springer Book Archive