The Ucon Of Workflow Management System Access Control Research And To Achieve

The technology of workflow, originated from the Office Automation (OA) system, has greatly promoted development of modern enterprises. However, with the distributive and dynamic characteristics of the enterprises, problems of information security come up. As a result, the access control of data has become a major research subject of enterprise workflow management system.This thesis first introduced the related theories and technologies which include the characteristics of the access control and information security mechanism of modern enterprises. This thesis then discussed the concept of the access control, traditional access control methods, role-based access control methods and the present research situation of access control of workflow management system, which was all centering on the subject of access control of data. At last, detailed research and description of a new type of access control model-UCON were brought in this thesis based on the research of the previous parts.Based upon the model-UCON referenced above, this thesis has put forward an access control model of workflow adapted to the distributive and dynamic characteristics of modern enterprises. The model-UCON is base on model-UCON_ABC has imported the idea of obligation and conditions, which has greatly improved system security In this model, each module made a judgment dynamically according to attributes of subject and object, operation and system and the present environment whenever before or in access, which realized synchronization between authorization flow and workflow. The settings of subject attribute of the model adapted well to the characteristics of business flow of real world. Through roles' division by the subject and the constraint, the model has realized separation of the privilege and duty and established the constraint rules of collision detection mechanism in order to avoid the problems of implementation of workflow brought by constraint collision. This thesis has taken a formalized description of all the elements in the module and given the flow of authorization.This thesis also analyses fundamental elements and workflows of mold enterprise. Base on that, it presents the realization approach of access control model based on UCON. It introduces related subjects and objects, main sequences and authorization strategies in detail and describes the architecture of access control subsystem and the function of each module. Upon all of them, the article designs the data structures and role's operations of access control subsystem. This thesis designed the data structure in the subsystem of access control system and the operations that can be chosen in all the subjects. The example of implementing the access control subsystem is also given in this thesis.