Access Control for Workflow Environment: The RTFW Model | SpringerLink
Skip to main content
Springer Nature Link
Log in

Access Control for Workflow Environment: The RTFW Model

  • Conference paper
Computer Supported Cooperative Work in Design III (CSCWD 2006)

Part of the book series: Lecture Notes in Computer Science ((LNISA,volume 4402))

Abstract

In workflow environments, access control is an important issue of security. Especially, a suitable access control model to meet the special secure requirements is needed. In this paper, we present a formal model, called RTFW, which allows for some ubiquitous problems in workflow environments, such as separation of duty and dynamic authorization, combining the notions of role– based access control (RBAC) and task- based access control (TBAC) models. Furthermore, we describe how to design and implement its prototype system and discuss some key issues and challenges.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

Similar content being viewed by others

References

  1. Fan, Y., Shi, W., Wu, C.: Fundamentals of Workflow Management Technology, pp. 30–35. Springer, New York (2001)

    Google Scholar 

  2. Sandhu, R., et al.: Role-based Access Control Models. IEEE Computer 29, 38–47 (1996)

    Google Scholar 

  3. Thomas, R., Sandhu, R.: Task-based Authorization Controls (TBAC): A Family of Models for Active and Enterprise-oriented Authorization Management. In: Database Security, XI: Status and Prospects-Results of the IFIP WG11.3 Workshop on Database Security, pp. 166–181. Chapman and Hall, Boca Raton (1997)

    Google Scholar 

  4. Saltzer, J.H., Schroeder, M.D.: The Protection of Information in Computer Systems. Proceedings of IEEE 63, 1278–1308 (1975)

    Article  Google Scholar 

  5. Ahn, G.J., Sandhu, R.: The RSL99 Language for Rolebased Separation of duty constraints. In: Proceedings of the 4th ACM Workshop on Role-based Access Control, pp. 43–54 (1999)

    Google Scholar 

  6. Nyanchama, M., Osborn, S.: The role-graph model and conflict of interest. ACM Transactions on Information and System Security 2, 3–33 (1999)

    Article  Google Scholar 

  7. Thomas, R., Sandhu, R.: Conceptual Foundations for a Model of Task-based Authorizations. In: Proceedings of the 7th IEEE Computer Security Foundations Workshop, Franconia, NH, pp. 66–79 (1994)

    Google Scholar 

  8. Botha, R.A.: CoSAWoE: A Model for Context-sensitive Access Control in Workflow Environments. PhD Thesis, Johannesburg, South Africa, 87–100 (2001)

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. School of Computer Science and Engineering, Southeast University, Nanjing, P.R. China

    Hao Jiang & Shengye Lu

Authors
  1. Hao Jiang
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Shengye Lu
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Weiming Shen Junzhou Luo Zongkai Lin Jean-Paul A. Barthès Qi Hao

Rights and permissions

Reprints and permissions

Copyright information

© 2007 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Jiang, H., Lu, S. (2007). Access Control for Workflow Environment: The RTFW Model. In: Shen, W., Luo, J., Lin, Z., Barthès, JP.A., Hao, Q. (eds) Computer Supported Cooperative Work in Design III. CSCWD 2006. Lecture Notes in Computer Science, vol 4402. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-72863-4_63

Download citation

  • DOI: https://doi.org/10.1007/978-3-540-72863-4_63

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-540-72862-7

  • Online ISBN: 978-3-540-72863-4

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation