Research And Implementation Of Access Control In Virtual Enterprise Workflow Management System

Virtual Enterprise (VE) is an effective organizational mode to adapt to market demand. It comprehends manufacture technology, modern information technology and management technology. And it is an ideal organizational form for enterprises in the future. The workflow technology that oriented from Office Automation (OA) could promote development of VE. But the VE has features of distribution and dynamic, which bring some problems of information security. It is an important research subject for access control of data in virtual enterprise workflow management system.First, this article introduces the background knowledges, including VE, workflow technology, Workflow Management System (WfMS) and information security mechanism. Then it mainly discusses the access control and explains the concept of the access control and traditional access control methods. And the article introduces Role-Based Access Control (RBAC) models and the current research of RBAC in WfMS.Second, the paper presents an access control model for VE WfMS based on RBAC96 model. It regards organization chart as the foundation to build roles, which can speed up the setup of roles. It introduces task and authorization strategy to realize synchronization between authorization flow and workflow. It presents the types of authorization constraint. The model combines authorization constraint with authorization strategy and gives collision detecting rules. The paper defines primary elements and authorization flow in the model.Third, the article analyses the organization and workflow process of VE. Then it presents the realization approach of access control model based on organization chart and role in VE WfMS. It introduces mainly entities, sequences and authorization strategies in detail. It describes architecture of access control subsystem and function of every module. Upon all of them, the article designs the data structures and role's operations of access control subsystem. In the paper there are some examples of execution of access control subsystem.Finally, the article summarizes its characteristics and prospects for the future work.