Managing Workflow Authorization Constraints through Active Database Technology

Fabio Casati, Silvana Castano, Maria Grazia Fugini

Research output: Contribution to journalArticle

63 Citations (Scopus)

Abstract

The execution of workflow processes requires authorizations for enforcing the assignment of tasks to agents, either human or automated, according to the security policy of the organization. This paper presents a workflow authorization framework based on roles and organizational levels, and on authorization constraints. To facilitate the assignment of tasks to agents, roles and organizational levels are organized into hierarchies. Authorization constraints are introduced to specify instance-dependent, time-dependent, and history-dependent authorizations. Authorization constraints are specified in terms of active rules, used also for authorization management. The Workflow Management System determines authorized agents on the basis of the contents of an authorization base maintained through the active rules defined in the system.

Original languageEnglish
Pages (from-to)319-338
Number of pages20
JournalInformation Systems Frontiers
Volume3
Issue number3
DOIs
Publication statusPublished - 2001
Externally publishedYes

Fingerprint

Authorization
Work Flow
Assignment
Workflow Management System
Security Policy
Dependent

Keywords

  • Active databases
  • Authorization constraints
  • Authorizations
  • Roles
  • Triggers
  • Workflows

ASJC Scopus subject areas

  • Theoretical Computer Science
  • Software
  • Information Systems
  • Computer Networks and Communications

Cite this

Managing Workflow Authorization Constraints through Active Database Technology. / Casati, Fabio; Castano, Silvana; Fugini, Maria Grazia.

In: Information Systems Frontiers, Vol. 3, No. 3, 2001, p. 319-338.

Research output: Contribution to journalArticle

Casati, Fabio ; Castano, Silvana ; Fugini, Maria Grazia. / Managing Workflow Authorization Constraints through Active Database Technology. In: Information Systems Frontiers. 2001 ; Vol. 3, No. 3. pp. 319-338.
@article{5abd67cc1ed5481eb733e948d146e610,
title = "Managing Workflow Authorization Constraints through Active Database Technology",
abstract = "The execution of workflow processes requires authorizations for enforcing the assignment of tasks to agents, either human or automated, according to the security policy of the organization. This paper presents a workflow authorization framework based on roles and organizational levels, and on authorization constraints. To facilitate the assignment of tasks to agents, roles and organizational levels are organized into hierarchies. Authorization constraints are introduced to specify instance-dependent, time-dependent, and history-dependent authorizations. Authorization constraints are specified in terms of active rules, used also for authorization management. The Workflow Management System determines authorized agents on the basis of the contents of an authorization base maintained through the active rules defined in the system.",
keywords = "Active databases, Authorization constraints, Authorizations, Roles, Triggers, Workflows",
author = "Fabio Casati and Silvana Castano and Fugini, {Maria Grazia}",
year = "2001",
doi = "10.1023/A:1011461409620",
language = "English",
volume = "3",
pages = "319--338",
journal = "Information Systems Frontiers",
issn = "1387-3326",
publisher = "Springer Netherlands",
number = "3",

}

TY - JOUR

T1 - Managing Workflow Authorization Constraints through Active Database Technology

AU - Casati, Fabio

AU - Castano, Silvana

AU - Fugini, Maria Grazia

PY - 2001

Y1 - 2001

N2 - The execution of workflow processes requires authorizations for enforcing the assignment of tasks to agents, either human or automated, according to the security policy of the organization. This paper presents a workflow authorization framework based on roles and organizational levels, and on authorization constraints. To facilitate the assignment of tasks to agents, roles and organizational levels are organized into hierarchies. Authorization constraints are introduced to specify instance-dependent, time-dependent, and history-dependent authorizations. Authorization constraints are specified in terms of active rules, used also for authorization management. The Workflow Management System determines authorized agents on the basis of the contents of an authorization base maintained through the active rules defined in the system.

AB - The execution of workflow processes requires authorizations for enforcing the assignment of tasks to agents, either human or automated, according to the security policy of the organization. This paper presents a workflow authorization framework based on roles and organizational levels, and on authorization constraints. To facilitate the assignment of tasks to agents, roles and organizational levels are organized into hierarchies. Authorization constraints are introduced to specify instance-dependent, time-dependent, and history-dependent authorizations. Authorization constraints are specified in terms of active rules, used also for authorization management. The Workflow Management System determines authorized agents on the basis of the contents of an authorization base maintained through the active rules defined in the system.

KW - Active databases

KW - Authorization constraints

KW - Authorizations

KW - Roles

KW - Triggers

KW - Workflows

UR - http://www.scopus.com/inward/record.url?scp=0035594917&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=0035594917&partnerID=8YFLogxK

U2 - 10.1023/A:1011461409620

DO - 10.1023/A:1011461409620

M3 - Article

VL - 3

SP - 319

EP - 338

JO - Information Systems Frontiers

JF - Information Systems Frontiers

SN - 1387-3326

IS - 3

ER -