
Research On Access Control Model And Security Analysis In Workflow Systems

Posted on: 2009-11-16
Degree: Doctor
Type: Dissertation
Country: China
Candidate: Y H Lu
Full Text: PDF
GTID: 1118360272491854
Subject: Computer Science and Technology

Abstract/Summary:
Fast-evolving workflow technologies enable organizations to interact and cooperate with each other to achieve their business goals through process collaboration. A workflow system connects people, data and applications by automating business processes. Access control is an important security mechanism that organizations use to protect their resources, and balancing the competing goals of collaboration and security in workflow systems is a considerable challenge. A flexible and complete access control model is required for workflow systems to restrict the permissions of both system administrators and ordinary users. At the same time, to guarantee the correctness and security of workflow systems, formal methods should be used to analyze and verify the consistency between the workflow processes and the access control policies, so as to avoid deadlocks, exceptions and failures at run time.

The thesis focuses on the access control model for workflow systems and on the security analysis of workflow systems by formal methods. The main contributions of the thesis are as follows:

1. A domain administration task-role based access control model (DATRBAC) is proposed. This model integrates the access check, authorization and administration aspects of access control. Authorization and administration permissions are distributed across multiple administrative domains and administrative roles. The thesis also proposes solutions to detect and resolve conflicts between access control policies defined by different administrative roles.

2. A method is proposed to formalize and analyze workflows with separation-of-duty (SoD) constraints based on Colored Petri Nets (CPN). The control flow, authorization rules and SoD constraints of a workflow are all represented as CPNs and combined into one integrated CPN model. The execution paths of this model are then derived by reachability tree analysis. By analyzing these execution paths, latent deadlocks caused by inconsistency between the authorization rules and the SoD constraints can be detected.

3. A method is proposed to formalize and analyze the security properties of workflow systems by process calculus and types. It first presents WFPI, a workflow Pi calculus, to formalize the elements of workflow systems. Based on WFPI, a type system is then proposed to ensure that the specified TBAC policy is respected. By subject reduction, a well-typed system respects the TBAC policy at run time, avoiding run-time access violations. A Java-based type tool is developed to implement type judgment and type inference for WFPI systems.

4. The DATRBAC model is implemented in the Product Lifecycle Management system TiPLM. The main steps of the implementation are described, including requirement analysis, function design and database design. The access control performance of the system is also tested with practical enterprise data.
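The deadlock class described in contribution 2 (an execution path on which the authorization rules leave no user who can perform the next task without violating an SoD constraint) can be illustrated without CPN tooling. The following Python script is an added example, not the thesis's CPN model or tool: it explores the state space of a small sequential workflow exhaustively, which is the same idea as deriving execution paths by reachability analysis, and reports states from which no authorized, SoD-compliant user exists. The tasks, roles, users and SoD pairs are constructed for this example; the `USERS_WEAK` policy deadlocks at the `pay` task because the only manager already approved, while `USERS_FIXED` adds a second manager and every path completes.

```python
"""Added example: state-space exploration of a sequential workflow to find
deadlocks caused by the interaction of authorization rules and
separation-of-duty (SoD) constraints. All data below is constructed."""

# Constructed workflow: tasks executed in this order, each requiring a role.
TASKS = ["prepare", "approve", "pay"]
TASK_ROLE = {"prepare": "clerk", "approve": "manager", "pay": "manager"}

# SoD constraints: the same user may not perform both tasks of a pair.
SOD = [("prepare", "approve"), ("approve", "pay")]

# Two constructed user-role assignments: one that deadlocks, one that does not.
USERS_WEAK = {"alice": {"clerk"}, "bob": {"manager"}}
USERS_FIXED = {"alice": {"clerk"}, "bob": {"manager"}, "carol": {"manager"}}


def authorized(user, task, user_roles, task_role):
    """Authorization rule: the user must hold the role the task requires."""
    return task_role[task] in user_roles[user]


def sod_ok(history, user, task, sod):
    """SoD check: reject the user if they already performed a task that is
    paired with `task` in the SoD list. `history` maps task -> user."""
    for a, b in sod:
        if task == a and history.get(b) == user:
            return False
        if task == b and history.get(a) == user:
            return False
    return True


def explore(tasks, user_roles, task_role, sod):
    """Depth-first exploration of (next-task-index, assignment-history) states.

    Returns (complete_paths, deadlocks): complete_paths lists the task->user
    assignment of every path that reaches the end of the workflow; deadlocks
    lists reachable states where no user can legally perform the next task.
    """
    start = (0, ())
    frontier, seen = [start], {start}
    complete, deadlocks = [], []
    while frontier:
        idx, hist = frontier.pop()
        if idx == len(tasks):
            complete.append(dict(hist))
            continue
        task = tasks[idx]
        history = dict(hist)
        successors = []
        for user in user_roles:
            if authorized(user, task, user_roles, task_role) and sod_ok(
                history, user, task, sod
            ):
                successors.append((idx + 1, hist + ((task, user),)))
        if not successors:
            # Reachable state with no enabled transition: a latent deadlock.
            deadlocks.append({"stuck_at": task, "history": history})
        for state in successors:
            if state not in seen:
                seen.add(state)
                frontier.append(state)
    return complete, deadlocks


def report(name, user_roles):
    """Run the analysis for one user-role assignment and print the findings."""
    complete, deadlocks = explore(TASKS, user_roles, TASK_ROLE, SOD)
    print(f"[{name}] complete paths: {len(complete)}, deadlocks: {len(deadlocks)}")
    for d in deadlocks:
        print(f"  no eligible user for '{d['stuck_at']}' after {d['history']}")
    return complete, deadlocks


if __name__ == "__main__":
    report("USERS_WEAK", USERS_WEAK)
    report("USERS_FIXED", USERS_FIXED)
```

The search enumerates every assignment of users to tasks that the authorization rules and SoD pairs allow, so a deadlock report is a concrete counterexample (the partial history) that a policy author can use to decide whether to add a user to a role or relax a constraint, which is the same kind of evidence the thesis derives from the reachability tree of the integrated CPN.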
Keywords/Search Tags:Workflow, Access Control, Colored Petri Nets, Pi Calculus, Type