The Research On Optimization Mechanism In Workflow Access Control

The wide application of information technology and huge driving role bring convenience to people's life,and changes the work and life styles of people.Various mobile devices are connected to the internet information system,and generate a large amounts of information for share.Almost all the information systems face with complex and volatile security issues,and there is no exception for the workflow model.Ensuring secure access to data in the workflow is critical.Access control plays an important role in the security system of workflow.Therefore,it is necessary to establish an efficient security access control mechanism to ensure that information is not stolen or even destroyed during workflow task processing.In this paper,the workflow access control is optimized in two aspects.One is to optimize the role assignment problem,and the other is to optimize the implementation process of access control strategy.This paper discusses the work from these two aspects.1)According to the task and role based access control model,an access control model based on the role matching in workflow environment is proposed,and a role matching mechanism is added into the model.This mechanism can match a set of roles that executes workflow tasks for a user.The matching mechanism is mainly based on the role finding method to increase the constraints of the environment and the temporal,and the number of the inheritance relationship.Finally the mechanism finds an optimal set of roles with the task execution authority,and matches the role set to the user.Eexperimentals show that the method can eliminate redundant role sets,and select an optimal set of roles for users to achieve the purpose of role matching optimization.2)According to mandatory access control and role-based access control,a role-based multi-level access control model is proposed,and a multi-level security policy is formulated.In order to make the policy applicable to the new scene,and correctly judge the user's access request,a data analysis mechanism on the model is added.By using the method of machine learning to feature extraction and data analysis,and using cross validation technology to establish experimental model,the mechanism can predict whether access request is compliant.Experiments show that using this method to analyze the user's access request can have a high prediction accuracy.The two models proposed in this paper can be used in the workflow environment,and one model combined with access rules and historical access data to judge the user's access request,has a good reference value.