| Many modem enterprises adopt workflow to enhance the facility of business processes and improve the efficiency. Along with the application and development of electronic commerce, the relationship and cooperation among enterprises are increasing, the interoperation among information systems becomes inevitable and the security of workflow system becomes a very significant problem; At the same time, in order to adapt the market demands and the adjustments of policies and regulations, enterprises' business processes have to carry on real-time changes, which requires the workflow systems to be flexible. Because different enterprises usually adopt different security policies, the security models of heterogeneous workflow systems are drawing more and more attention.There are many research achievements on the security models of heterogeneous workflow systems, among which the typical ones are the history-based as well as the Chinese Wall-based security access control models in the heterogeneous workflow environment. These models have realized the constrains of security, such as separation of duty, conflict of benefit and so on, but have no consideration of role hierarchies and permission partition, and they are unable to settle the conflicts effectively between the access control of exterior users and the protection of interior secret data, therefore these models are scant in the management of large-scale enterprises' users and roles, the role conversion of users in the heterogeneous workflow environment as well as the control of permission and so on. Scholars in and abroad also make great progress in the research of workflow flexibility, they have proposed different flexible workflow models according to the dynamic adjustments of workflow systems, such as Tucupi, flexible workflow model based on coordination theory and feedback mechanism etc., but these models are often too complex, which add the actual operation difficulties. Along with the popularization of WEB application, such methods as XML-based document as well as view of workflow have satisfied the demands of the communication of inter-enterprises' business processes to some extents, but they usually use the specific interoperation standards, which have no versatility, moreover, as long as the enterprises' interoperation protocols change, the whole workflow must be redeveloped and deployed, which makes the communication of workflow lack... |
PDF Full Text Request