Domain Administration of Task-role Based Access Control for Process Collaboration Environments
The fast evolving workflow technologies facilitate organizations to interact and cooperate with each other to achieve their business goals by process collaborations. Taskrole based access control is an important security mechanism to protect data and resources in information systems. However, the traditional centralized authorization and administration mechanism in access control can not satisfy the administrative requirements in process collaboration environments. In this paper, we propose a domain based administration model for task-role based access control (DATRBAC), in which the authorization and administration permissions are distributed to multiple administrative domains and administrative roles. Then we propose the solution to detect and resolve the conficts between access control policies defined by different administrative roles. We also described the implementation of the model in the PLM product and the experiments based on the practical application data.
Access Control Workflow Process Collaboration Administrative Role Administrative Domain
Yahui Lu Li Zhang
College of Software Shenzhen University Shenzhen 518060,P.R.China School of Software Tsinghua University Beijing 100084,P.R.China
国际会议
The Fifth International Conference on Information Assurance and Security(第五届信息保障与安全国际会议)
西安
英文
643-647
2009-08-18(万方平台首次上网日期,不代表论文的发表时间)