
The Research Of Task Delegation Model In Workflow

Posted on: 2011-12-03
Degree: Master
Type: Thesis
Country: China
Candidate: C X Zhong
GTID: 2178360305455243
Subject: Computer application technology
Abstract/Summary:
In workflow applications, each workflow (W) contains several tasks, and RBAC roles are usually used to control the access permissions of these tasks. This task model based on RBAC technology is called the RBAC-Based Task Model (TM-RBAC), which is described as follows: each workflow can be broken down into several tasks, and "before-after" dependencies exist among these tasks. For any user $u$, $R(u)$ stands for the set of roles that he/she holds; these roles are used to control the access permissions of tasks. When the model is instantiated, specific executors with the corresponding access permissions are designated for the respective tasks.

To better describe the TM-RBAC model, the following definitions and rules are given:

Definition 1. $R_{T_i}$ is defined as the role which is required to access and execute the task $T_i$.

Rule 1 (Relationship between Task and Role). For any tasks $T_i$, $T_j$ with corresponding roles $R_{T_i}$, $R_{T_j}$: if $T_i = T_j$, then $R_{T_i} = R_{T_j}$; but the opposite is not true.

Definition 2. $T(u)$ is defined as the task set in which user $u$ can participate; $t_i(u)$ is defined as the set of task instances which can be executed by user $u$ for task $T_i$.

Definition 3. $\mathit{Exetant}(w, T_i)$ is defined as the set of users who can execute the task $T_i$ in workflow instance $w$.

Rule 2. In TM-RBAC, for a workflow instance $w$ and task $T_i$ in $w$, $\mathit{Exetant}(w, T_i) = \{u\}$, where $u$ is the user designated in the model instantiation phase.

As can be seen from the above definitions and rules, the set of users who can execute a specific task instance in TM-RBAC contains only one element, the designated user $u$, so the TM-RBAC model is insufficiently flexible and has poor security. To address this, a Task Delegation model is proposed first and then applied to the TM-RBAC model, giving an improved task model, TDTM-RBAC (Task-Delegable TM-RBAC).

Task delegation refers to a system user (the delegator) delegating certain types of tasks to another user (the assignee), so that the corresponding task can be successfully carried out by the assignee.

In this paper, a task model is proposed that combines workflow and RBAC access control technology. In this model, Delegation Consultation is a discussion process between the delegator and the assignee on the issue of delegation or revocation. Delegation Prescription, which limits the validity of the delegation, is specified before the delegation is implemented; when it expires, the delegation is automatically revoked. Delegation Condition stipulates the appropriate permissions for both parties of the delegation. Delegation Revocation is the process of cancelling a delegation; it is the reverse of Delegation Implementation. Delegation Tracking is the monitoring and recording performed by the system while the delegated task is carried out. The Task Constraint Base limits the delegable task set. The core of the Task Delegation Model is Delegation Implementation, which regulates the relations between the two sides of the delegation and the means of delegation (later, a solution to task delegation based on Attribute Certificates is proposed).

Using the concepts of set and relationship, a formal description of the Task Delegation model is given as follows:

Definition 4 (Delegation Relationship). The triple $(u, T_i, u')$ is defined to describe the delegation relationship, in which $u$ refers to the delegator, $T_i$ is the delegated task, and $u'$ refers to the assignee (we use $D(u, T_i)$ to represent him/her in this paper).

Definition 5 (Delegation Consultation). We define the expression $\mathit{Consulation}(u, T_i, u', f)$ as the result of consultation about task $T_i$ between users $u$ and $u'$. The consultation content is designated by $f$, whose value is revoke for delegation revocation or delegate for task delegation.

Definition 6 (Delegation Prescription). The two-tuple (begin_time, duration) is defined to describe the validity period of a delegation, which means the delegation is effective only during the period from begin_time to begin_time + duration; the default value is (now, ? ). We can use expire(begin_time, duration) to judge whether the delegation is invalid or not.

Definition 7 (Necessary conditions for Delegation Implementation). The delegation $(u, T_i, u')$ can be executed only when all of the following conditions are met:
(1) The assignee and the delegator can't be the same user: $u' \neq u$
(2) Task $T_i$ hasn't been delegated to any user: (u,T ,u?) ? ? i
(3) The Delegation Conditions: $R_{T_i} \in R(u)$ and $R_{T_i} \in R(u')$
(4) The Task Constraint: $T_i \in T(u)$
(5) Successful consultation: $\mathit{Consulation}(u, T_i, u', \text{delegate}) = \text{Success}$

Definition 8 (The delegator set). For user $u$ and task $T_i$, $D^{-1}(u, T_i)$ is defined as the set of delegators who delegate task $T_i$ to user $u$.

Definition 9 (Sufficient condition of revoking delegation). The delegation relationship $(u, T_i, u')$ will be revoked when any one of the following conditions is met:
(1) When the corresponding permission of the assignee is revoked, the delegation is revoked automatically: $\mathit{Revoke}(u', R_{T_i}) = \text{Success}$
(2) The delegation exceeds its validity period: expire(begin_time, duration) = true
(3) Successful consultation: $\mathit{Consulation}(u, T_i, u', \text{revoke}) = \text{Success}$

According to the characteristics related to delegation, the model has the characteristics of symmetry, traceability and so on. In addition, this paper adds another two characteristics to the task delegation model: symmetry and traceability. These characteristics are described below.

Symmetry: when the delegation relationship $(u, T_i, u')$ exists and the delegation relationship $(u', T_i, u)$ can also be set up, we say the delegation is symmetrical; otherwise it is non-symmetrical. In this model, while user $u$ delegates task $T_i$ to user $u'$, user $u'$ can also delegate her/his task $T_i$ to user $u$, so it is symmetrical.

Traceability: in this model, after the delegation, the system or the delegator can track the course of task implementation by the assignee, so it is traceable.

The Delegation Model has the characteristics of temporariness, partiality, single step, revocation and non-multiplicity. These keep the permissions of users, the validity of the delegation and the participating users to their minimum size, and thus improve the security of the system. The characteristic of traceability prevents malicious acts by the assignee during task implementation. The characteristics of monotonicity, diversity, bilaterality and symmetry make the system more flexible.

In order to make task delegation safer and more effective, this paper proposes a solution to the delegation issue based on attribute certificates. Here the attribute certificate includes the permission certificate and the delegation certificate. The delegation certificate carries information such as the capable tasks transferred from the delegator to the delegatee and the accessible tasks; it holds the content and requirements of the delegated task, and is generated as delegation needs develop. It has the following advantages:

1. The access-control strategy is formulated using a user-based "identity-attribute" combination. The combination of identity and attribute certificates separates the user's attributes from the user's identity; it helps establish trust between users, and also ensures the validity of the transfer of delegated permissions.
2. The AC contains the contents and requirements of various delegation permissions and tasks, thus enhancing the functionality of task delegation. The encapsulated identity information can be used as the signature for the delegated task. Once malicious behavior happens, the AA can find the corresponding person according to this encrypted signature.
3. The connection between the attribute certificate and delegation needs makes the delegation more flexible. It effectively implements each constituent element of the delegation model.

When the Task Delegation model is applied to the TM-RBAC model, a Task-Delegable Task model (TDTM-RBAC) is generated. Combining the above description of the task delegation model with Definition 2 and Definition 3, the following rules can be drawn:

Rule 3. In TDTM-RBAC, $\mathit{Exetant}(w, T_i) = \{u\} \cup D(u, T_i)$.

Rule 4. In TDTM-RBAC, the executable task instances for task $T_i$ is

Rule 5 (Relationship between TM-RBAC and TDTM-RBAC). For a random-selected task $T_i$, TDTM-RBAC ? TM-RBAC, if and only if ? { ( , ) ?1 ( , )} ? ?i i u D u T ? D u T .

It can be seen from Rule 5 that the TDTM-RBAC model is an extension and improvement of the TM-RBAC model. In the TDTM-RBAC model, task $T_i$ in workflow instance $w$, which should have been executed by user $u$, can now be executed by $u$ or $D(u, T_i)$.

Therefore, when user $u$ can't execute his/her own task in time for some reason, the key tasks can be delegated to another user, so that the work can be finished promptly and successfully. This model has been proved to be practical in the Collaborative Design System of a Design & Research Institute in China, and will certainly have wider application in workflow management systems in the future.
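An added Python example (not code from the thesis) of the five delegation conditions of Definition 7, the automatic revocations of Definition 9 (1) and (2), and the executant set of Rule 3, with a log standing in for Delegation Tracking. The class and method names, the tuple layout, and the reading of condition (2) as "the delegator has no active delegation of this task" are assumptions made for the example.

```python
# Added illustration; all names here are assumptions, not taken from the thesis.
class TaskDelegationModel:
    def __init__(self, roles, task_role, tasks):
        self.roles = roles          # R(u): user -> set of roles held
        self.task_role = task_role  # R_Ti: task -> role required to execute it
        self.tasks = tasks          # T(u): user -> tasks the user may participate in
        self.active = {}            # (u, T_i) -> (u', begin_time, duration)
        self.log = []               # delegation tracking (audit trail)

    def _revoke(self, key, reason):
        assignee = self.active.pop(key)[0]
        self.log.append(("revoke", *key, assignee, reason))

    def sweep(self, now):
        # Definition 9 (2): a delegation past begin_time + duration is revoked
        for key, (_, begin, duration) in list(self.active.items()):
            if now > begin + duration:
                self._revoke(key, "expired")

    def delegate(self, u, task, v, now, duration, consent):
        # Definition 7: returns the numbers of the violated conditions ([] = granted)
        self.sweep(now)
        need = self.task_role[task]
        checks = {
            1: v != u,
            2: (u, task) not in self.active,  # assumed reading of condition (2)
            3: need in self.roles.get(u, ()) and need in self.roles.get(v, ()),
            4: task in self.tasks.get(u, ()),
            5: consent,                       # outcome of the consultation
        }
        failed = [n for n, ok in checks.items() if not ok]
        if not failed:
            self.active[(u, task)] = (v, now, duration)
            self.log.append(("delegate", u, task, v, now))
        return failed

    def revoke_role(self, v, role):
        # Definition 9 (1): losing the required role revokes the delegation
        self.roles.get(v, set()).discard(role)
        for key, (assignee, _, _) in list(self.active.items()):
            if assignee == v and self.task_role[key[1]] == role:
                self._revoke(key, "role revoked")

    def executants(self, u, task, now):
        # Rule 3: the designated user u plus the current assignee D(u, T_i)
        self.sweep(now)
        held = self.active.get((u, task))
        return {u} | ({held[0]} if held else set())
```

Checking expiry inside `executants` rather than on a timer means an expired assignee can never be returned as an authorised executor, even if no background job has run.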
Keywords/Search Tags: Workflow, Access Control, Task, Delegation, Attribute Certificate