| Workflow technology has been gaining comprehensive attention recently. As a new research field, however, there are many problems to be resolved, one of which is the security issue. The thesis focuses on task authorization in workflow environment. As we know, the task authorization is tightly relevant to a matter access control, while the access control itself is quite profound. The task authorization issue in workflow systems is studying how to incorporate access control model into workflow runtime context in a simple and appropriate way to make a workflow cooperate with manual operations coherently.The workflow management system and the workflow management reference model are introduced. Then, the thesis analyzes the requirements and features of task authorization in workflow environment as well as a classic access control model named RBAC. And it analyzes the possibilities and drawbacks when applying RBAC model to workflow environments. Based on the basic principle of RBAC, the thesis presents a dynamic access control model, named as TIAM, to fulfill the safety requirements of task authorization in workflow environments. In TIAM model,workflow tasks can be granted or revoked to/from users according to the context of workflow. The authorization process is divided into two phases, one is static authorization and the other is dynamic authorization. This makes TIAM model more applicable in a real application.The function architecture of the TIAM model is well narrated, it includes the definition phase function and the execution phase function. Then, The thesis describes the designing and implementation of the model in detail, including the design of the database, the classes library, etc. After that, Hunan telecom office automation system, a specific application system with TIAM model, is introduced. Finally, the conclusion is given, and the future work is simply discussed. |
PDF Full Text Request