Application And Research Of Security Mechanism In Workflow Management System

With the development of Information Technology and the deepening applications of economic and social in various fields, the great role of Information Technology on productivity that the development of human civilization, more and more obvious, computer networks and information systems in the operation of enterprises and institutions were playing an increasingly important role. In this context, Workflow Technology received enterprises and institutions and scholars more and more attention, and Workflow Technology into application systems in the computer field has become a new hotspot. As Workflow Technology has brought to enterprises and institutions efficient management capability, the security problems of Workflow management systems are increasingly exposing. Security mechanism of systems became one of the most important issues to be solved in the course of social information. Because the nature of the workflow management system is the implementation of a series of business processes which there are rules and in order, and in Workflow management system, the implementation of business processes needs more users to participate and work together, sharing resources, etc. Therefore, Workflow management system not only to prevent unauthorized users to access system resources, but also to maintain the proper authority, access, and dynamic allocation and recovering of rights of legitimate users within the system. And access control technology is the first choice which is an effective solution to guarantee system resources and information security, so, access control technology in the field of security is the subject of this paper.In this paper,firstly, researching the workflow technology and the reference models of Workflow Management System proposed by numerous scholars and institutions, and focusing on the structure of Workflow Management System Reference model proposed by the Workflow Management Coalition. In which, for the access control function of the management and monitoring tools module in Workflow system are studied in details, for a variety of existing access control policies in the industry are analyzed in details, and focusing on the role-based access control (RBAC) model and task-based access control (TBAC) model. Then, for the characteristics of workflow management system, respectively discusses the advantages and disadvantages of the RBAC model and TBAC model, showing that direct use of RBAC model or TBAC models are unable to meet the needs of the access control system in Workflow Management System. Also for the modern enterprise management,directly between the upper and lower levels often have assignments or sensitive information related to the time, it needs a vertical management, level constraints business model. In view of this, in this paper, the role definition of traditional RBAC model is to be expanded to add potential constraints and the tree structure of enterprise architecture, and the role model is improved as a tree fine-granularity role model with a potential constraints. At last, I get a combination of advantages of RBAC model, a tree fine-granularity role model with a potential constraints and TBAC model, and proposing Task & tree granularity Role Based Access Control (T&TG-RBAC) Models, giving the model diagram, related concepts and definitions of T & TG-RBAC model.At last, T & TG-RBAC model is applied to the key companies of China Telecom in Guangdong database management system. And, it describes the development architecture, function architecture and security designing of the system, analyzing the access control module of the system, validating the applicability of the model in a workflow management system, showing it can meet the complexity of permissions management in Workflow management system.