Managing Workflow Authorization Constraints through Active Database Technology

Fabio Casati, Silvana Castano, Maria Grazia Fugini

Research output: Contribution to journal › Article

Abstract

The execution of workflow processes requires authorizations for enforcing the assignment of tasks to agents, either human or automated, according to the security policy of the organization. This paper presents a workflow authorization framework based on roles and organizational levels, and on authorization constraints. To facilitate the assignment of tasks to agents, roles and organizational levels are organized into hierarchies. Authorization constraints are introduced to specify instance-dependent, time-dependent, and history-dependent authorizations. Authorization constraints are specified in terms of active rules, used also for authorization management. The Workflow Management System determines authorized agents on the basis of the contents of an authorization base maintained through the active rules defined in the system.

Original language	English
Pages (from-to)	319-338
Number of pages	20
Journal	Information Systems Frontiers
Volume	3
Issue number	3
DOIs	https://doi.org/10.1023/A:1011461409620
Publication status	Published - 2001
Externally published	Yes

Fingerprint

Keywords

Active databases
Authorization constraints
Authorizations
Roles
Triggers
Workflows

ASJC Scopus subject areas

Theoretical Computer Science
Software
Information Systems
Computer Networks and Communications

Cite this

Casati, F., Castano, S., & Fugini, M. G. (2001). Managing Workflow Authorization Constraints through Active Database Technology. Information Systems Frontiers, 3(3), 319-338. https://doi.org/10.1023/A:1011461409620

@article{5abd67cc1ed5481eb733e948d146e610,

title = "Managing Workflow Authorization Constraints through Active Database Technology",

abstract = "The execution of workflow processes requires authorizations for enforcing the assignment of tasks to agents, either human or automated, according to the security policy of the organization. This paper presents a workflow authorization framework based on roles and organizational levels, and on authorization constraints. To facilitate the assignment of tasks to agents, roles and organizational levels are organized into hierarchies. Authorization constraints are introduced to specify instance-dependent, time-dependent, and history-dependent authorizations. Authorization constraints are specified in terms of active rules, used also for authorization management. The Workflow Management System determines authorized agents on the basis of the contents of an authorization base maintained through the active rules defined in the system.",

keywords = "Active databases, Authorization constraints, Authorizations, Roles, Triggers, Workflows",

author = "Fabio Casati and Silvana Castano and Fugini, {Maria Grazia}",

year = "2001",

doi = "10.1023/A:1011461409620",

language = "English",

volume = "3",

pages = "319--338",

journal = "Information Systems Frontiers",

issn = "1387-3326",

publisher = "Springer Netherlands",

number = "3",

}

TY - JOUR

T1 - Managing Workflow Authorization Constraints through Active Database Technology

AU - Casati, Fabio

AU - Castano, Silvana

AU - Fugini, Maria Grazia

PY - 2001

Y1 - 2001

N2 - The execution of workflow processes requires authorizations for enforcing the assignment of tasks to agents, either human or automated, according to the security policy of the organization. This paper presents a workflow authorization framework based on roles and organizational levels, and on authorization constraints. To facilitate the assignment of tasks to agents, roles and organizational levels are organized into hierarchies. Authorization constraints are introduced to specify instance-dependent, time-dependent, and history-dependent authorizations. Authorization constraints are specified in terms of active rules, used also for authorization management. The Workflow Management System determines authorized agents on the basis of the contents of an authorization base maintained through the active rules defined in the system.

AB - The execution of workflow processes requires authorizations for enforcing the assignment of tasks to agents, either human or automated, according to the security policy of the organization. This paper presents a workflow authorization framework based on roles and organizational levels, and on authorization constraints. To facilitate the assignment of tasks to agents, roles and organizational levels are organized into hierarchies. Authorization constraints are introduced to specify instance-dependent, time-dependent, and history-dependent authorizations. Authorization constraints are specified in terms of active rules, used also for authorization management. The Workflow Management System determines authorized agents on the basis of the contents of an authorization base maintained through the active rules defined in the system.

KW - Active databases

KW - Authorization constraints

KW - Authorizations

KW - Roles

KW - Triggers

KW - Workflows

UR - http://www.scopus.com/inward/record.url?scp=0035594917&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=0035594917&partnerID=8YFLogxK

U2 - 10.1023/A:1011461409620

DO - 10.1023/A:1011461409620

M3 - Article

AN - SCOPUS:0035594917

VL - 3

SP - 319

EP - 338

JO - Information Systems Frontiers

JF - Information Systems Frontiers

SN - 1387-3326

IS - 3

ER -

Access to Document

10.1023/A:1011461409620