Abstract
The execution of workflow processes requires authorizations for enforcing the assignment of tasks to agents, either human or automated, according to the security policy of the organization. This paper presents a workflow authorization framework based on roles and organizational levels, and on authorization constraints. To facilitate the assignment of tasks to agents, roles and organizational levels are organized into hierarchies. Authorization constraints are introduced to specify instance-dependent, time-dependent, and history-dependent authorizations. Authorization constraints are specified in terms of active rules, used also for authorization management. The Workflow Management System determines authorized agents on the basis of the contents of an authorization base maintained through the active rules defined in the system.
| Original language | English |
|---|---|
| Pages (from-to) | 319-338 |
| Number of pages | 20 |
| Journal | Information Systems Frontiers |
| Volume | 3 |
| Issue number | 3 |
| DOIs | |
| Publication status | Published - 2001 |
| Externally published | Yes |
Fingerprint
Keywords
- Active databases
- Authorization constraints
- Authorizations
- Roles
- Triggers
- Workflows
ASJC Scopus subject areas
- Theoretical Computer Science
- Software
- Information Systems
- Computer Networks and Communications
Cite this
Managing Workflow Authorization Constraints through Active Database Technology. / Casati, Fabio; Castano, Silvana; Fugini, Maria Grazia.
In: Information Systems Frontiers, Vol. 3, No. 3, 2001, p. 319-338.Research output: Contribution to journal › Article
}
TY - JOUR
T1 - Managing Workflow Authorization Constraints through Active Database Technology
AU - Casati, Fabio
AU - Castano, Silvana
AU - Fugini, Maria Grazia
PY - 2001
Y1 - 2001
N2 - The execution of workflow processes requires authorizations for enforcing the assignment of tasks to agents, either human or automated, according to the security policy of the organization. This paper presents a workflow authorization framework based on roles and organizational levels, and on authorization constraints. To facilitate the assignment of tasks to agents, roles and organizational levels are organized into hierarchies. Authorization constraints are introduced to specify instance-dependent, time-dependent, and history-dependent authorizations. Authorization constraints are specified in terms of active rules, used also for authorization management. The Workflow Management System determines authorized agents on the basis of the contents of an authorization base maintained through the active rules defined in the system.
AB - The execution of workflow processes requires authorizations for enforcing the assignment of tasks to agents, either human or automated, according to the security policy of the organization. This paper presents a workflow authorization framework based on roles and organizational levels, and on authorization constraints. To facilitate the assignment of tasks to agents, roles and organizational levels are organized into hierarchies. Authorization constraints are introduced to specify instance-dependent, time-dependent, and history-dependent authorizations. Authorization constraints are specified in terms of active rules, used also for authorization management. The Workflow Management System determines authorized agents on the basis of the contents of an authorization base maintained through the active rules defined in the system.
KW - Active databases
KW - Authorization constraints
KW - Authorizations
KW - Roles
KW - Triggers
KW - Workflows
UR - http://www.scopus.com/inward/record.url?scp=0035594917&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=0035594917&partnerID=8YFLogxK
U2 - 10.1023/A:1011461409620
DO - 10.1023/A:1011461409620
M3 - Article
AN - SCOPUS:0035594917
VL - 3
SP - 319
EP - 338
JO - Information Systems Frontiers
JF - Information Systems Frontiers
SN - 1387-3326
IS - 3
ER -