SecureFlow

28 October 1999

conference paper
Published by Association for Computing Machinery (ACM)

p. 83-94
https://doi.org/10.1145/319171.319179

Abstract

The objective of this paper is to present a web-based Work- o w Management System (WFMS), called SecureFlow that can serve as a framework for specication and enforcement of complex security policies within a worko w, such as sep- aration of duties. The main advantage of SecureFlow is that it uses a simple 4GL language such as SQL to spec- ify authorization constraints, thereby improving exibilit y and user-friendliness. Due to the modular nature of the SecureFlow architecture, the security specication and en- forcement modules can be layered on top of existing work- o w systems that do not provide adequate support for secu- rity. SecureFlow relies on the Workow Authorization Model (WAM) recently proposed by Atluri and Huang.

Keywords

This publication has 4 references indexed in Scilit:

Modeling and Analysis of Workflows Using Petri Nets
Journal of Intelligent Information Systems, 1998
A flexible model supporting the specification and enforcement of role-based authorization in workflow management systems
Published by Association for Computing Machinery (ACM) ,1997
A new generation of workflow-management-systems: beyond Taylorism with MOBILE
ACM SIGOIS Bulletin, 1996
Role-based access control models
Computer, 1996