| Workflow technology has being gaining comprehensive attention recently. As a new research field, however, there are many problems remain unresolved, one of which is security issue. The thesis focuses on access control in workflow environment. While access control itself is quite profound, the access control issues in Workflow systems involve in how to incorporate access control model into workflow runtime context, in a simple and appropriate way, and making workflow cooperate with manual operations coherently.To begin with, the thesis compares several classical access control models, namely, DAC, MAC, RBAC and TBAC, analyzes the possibility and drawback when applying them to workflow environments. Then, adopting the notion of RBAC and TBAC, the thesis presents a dynamic access control model, named as RTFW, to fulfill the requirement of workflow environments. In RTFW model, permissions can be granted or revoked to/from users according to the context of workflow. Besides, RTFW enforces separation of duty policies during run-time, supplies access control of appropriate granularity for workflow.After that, the thesis narrates the designing and implementation of prototype system in detail, especially some key points and difficulties, including the design of database, Worklist generation algorithm, etc. RTFW prototype system supplies two tools, the security configure tool, for design/administration stage, and the task control tool, for runtime, to enforce the access control in workflow environments. Finally, the conclusion is reached, and the future work is simply discussed. |
PDF Full Text Request