W-RBAC — A Workflow Security Model Incorporating Controlled Overriding of Constraints
- 1 December 2003
- journal article
- Published by World Scientific Pub Co Pte Ltd in International Journal of Cooperative Information Systems
- Vol. 12 (4) , 455-485
- https://doi.org/10.1142/s0218843003000814
Abstract
This paper presents a pair of role-based access control models for workflow systems, collectively known as the W-RBAC models. The first of these models, W0-RBAC is based on a framework that couples a powerful RBAC-based permission service and a workflow component with clear separation of concerns for ease of administration of authorizations. The permission service is the focus of the work, providing an expressive logic-based language for the selection of users authorized to perform workflow tasks, with preference ranking. W1-RBAC extends the basic model by incorporating exception handling capabilities through controlled and systematic overriding of constraints.Keywords
This publication has 4 references indexed in Scilit:
- The specification and enforcement of authorization constraints in workflow management systemsACM Transactions on Information and System Security, 1999
- The role graph model and conflict of interestACM Transactions on Information and System Security, 1999
- Exception-based information flow control in object-oriented systemsACM Transactions on Information and System Security, 1998
- Role-based access control modelsComputer, 1996