A Workflow System Design Based On Framework Spring MVC And TRBAC Access Control Model

With the globalization of today’s economic environment, enterprises are facing more and more fierce competition. Most competitive enterprises regard to the management of business processes as the key to their success.Workflow system will be converted actual business processes into what can be expressed in the form of computer, which coordinate all aspects of the workflow by calling the relevant information resources and human resources to make it according to a certain order of conduct, so as to achieve business process automation. It creates a good environment for collaborative work of enterprise sectors.Since the development of web technology, more and more applications using a web approach. This dissertation analyzes the advantages and disadvantages of the traditional J2EE framework. Core components of Spring MVC framework, the basic configuration to build workflow system and how the framework works are described in detail. And design workflow architecture based Spring MVC framework. Workflow engine, as the core of workflow management system, directly affects the performance of the system. This dissertation design and implement a specific workflow engine using the Spring MVC framework and workflow technology. And details of how workflow engine works, organization of workflow control data, and workflow engine core classes design.The research of workflow system’s security problem is a very important aspect in the field of workflow systems. Design and implementation of a good access control model is an important guarantee of information system’s running and operation. RBAC (Role Based Access Control) is a mainstream access control, authentication and authorization model based on user-assigned roles, which effectively overcomes the defects of traditional access control policy, reduces the complexity of the authorization management and cost. But RBAC model in workflow dynamic poor, the minimum permissions is oversized and the check is complicated. This dissertation expands the RBAC model, introduces access object based task case and puts forward task and role based model. The client user login system in the form of browser, users obtain permissions through roles and complete with this role related work. If users need to complete the process related works, according to group objects activities needs access, system dynamically assign permissions. This improves the security of the system.