Incorporating security into workflow management systems

Posted on:1999-03-31

Degree:Ph.D

Type:Dissertation

University:Rutgers The State University of New Jersey - Newark

Candidate:Huang, Wei-Kuang

Full Text:PDF

GTID:1468390014970212

Subject:Computer Science

Abstract/Summary:

Workflow management systems (WFMS) are typically employed to provide the functionality for automating business activities. WFMS represent an important, inter-disciplinary area which is commercially significant, as witnessed by the large number of available products and a number of WFMS supported applications in various commercial sectors. The widespread use of workflow applications has lead to increased awareness of data security issues. This dissertation identifies the specific access control requirements--both discretionary and mandatory--in WFMS and proposes suitable security models. It also proposes a formal framework, based on Petri nets (PNs), to facilitate modeling and analyzing the security properties of WFMS. This dissertation has contributed to the progress towards the formalization, validation, development of workflow security models. The specific technical achievements are as follows: (1) With respect to the issue of discretionary access control, this dissertation proposes a workflow authorization model (WAM) that provides necessary features such as support for synchronization of an authorization flow with a workflow, separation of duties, and event-based authorization. (2) With respect to the issue of mandatory access control, this dissertation considers a multilevel secure (MLS) workflow environment and proposes a semantics-based classification to redesign MLS workflows. The redesigning ensures that all task dependencies can be executed correctly and securely and the redesigned workflow is equivalent to the original workflow. (3) This dissertation proposes a PN-based modeling and analysis approach as well as implements a working prototype for the proposed security model. Specifically, (a) it provides a uniform representation for specifying both discretionary and mandatory access control in workflows, (b) it is capable of testing correctness of workflow dependency specifications by testing whether there exists inconsistent dependencies, (c) it is capable of examining the temporal feasibility, given an initial starting time of a workflow, and (d) it conducts a PN-based safety analysis.

Keywords/Search Tags:

Workflow, WFMS, Security, Access control

Related items

1	Study On Several Problems Of Workflow Security And Access Control
2	A Study Of Security Access Control On Workflow Management System
3	Research On Security Techniques In Workflow System
4	Research Of Task-role-based Dynamic Access Control In Wfms
5	Research On The PMI Based WFMS Security Model And Authorization Policy
6	The Research And Implementation Of Architecture On Secure Workflow Management System
7	Research And Implementation Of Access Control In Virtual Enterprise Workflow Management System
8	A Workflow System Design Based On Framework Spring MVC And TRBAC Access Control Model
9	Research On Access Control Model And Security Analysis In Workflow Systems
10	The Research On Optimization Mechanism In Workflow Access Control