
Performance Analysis for Workflow Management Systems under Role-Based Authorization Control

  • Conference paper

Part of the book series: Lecture Notes in Computer Science (LNTCS, volume 7296)

Abstract

Role-Based Access Control (RBAC) remains one of the most popular authorization control mechanisms. A workflow is a business flow composed of several related tasks. These tasks are interrelated and context-dependent during their execution. Under many circumstances, the execution context introduces uncertainty into authorization decisions for tasks. This paper investigates the role-based authorization model with runtime context constraints and dynamic cardinality constraints. A Generalized Stochastic Petri-net is used to model the authorization process. Moreover, because of the state explosion problem in the Petri-net formalism, the proposed modeling method also draws on queuing theory to analyze both system-oriented and user-oriented performance. Given the workflow information, its running context and the authorization policies, this work can be used to predict the performance of these workflows running in the system. The prediction information can give insight into how to adjust authorization policies to strike a better balance between security and performance.




Copyright information

© 2012 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Liu, L., He, L., Jarvis, S.A. (2012). Performance Analysis for Workflow Management Systems under Role-Based Authorization Control. In: Li, R., Cao, J., Bourgeois, J. (eds) Advances in Grid and Pervasive Computing. GPC 2012. Lecture Notes in Computer Science, vol 7296. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-30767-6_28


  • DOI: https://doi.org/10.1007/978-3-642-30767-6_28

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-642-30766-9

  • Online ISBN: 978-3-642-30767-6

  • eBook Packages: Computer Science (R0)
