Workflow Authorisation in Mediator-Free Environments
Author
M. Shehab, E.Bertino, A. Ghafoor
Abstract
WorkFlow Management Systems (WFMS) coordinate and streamline business
processes. Acquiring workflow authorisations and managing workflow authorisation constraints is
a challenging problem. CurrentWFMSs assume a centralised global workflow authorisation model.
In this paper, we propose a distributed workflow authorisation model with no central authorisation
manager for a mediator-free environment. We provide an on-demand task discovery protocol
that enables domains to discover tasks available in other domains. We formulate the workflow
authorisation problem as a constraint satisfaction problem to select access paths that satisfy all
the workflow authorisation constraints.We propose the Workflow Minimal Authorisation Problem
(WMAP), which selects minimal authorisations required to execute theworkflowtasks. In addition,
we investigate access path overlaps to allow tasks in the same session to share authorisations and
we present the Workflow Minimal Authorisation Problem with path Overlaps (WMAPO). Finally,
we formulate integer programmes to solve both the WMAP and WMAPO.
=
Journal
Int. J. Security and Networks
Affiliation
ECE School, CS Department, Purdue University
Publication Date
2001-01-01