Injecting a permission-based delegation model to secure web-based workflow systems

Abstract

Web-based workflow systems have emerged in almost every business because they can support dynamic business processes over heterogeneous computing systems which is the requirement of a modern business. At the same time security and flexibility have become the two most important aspects in those systems. Role-based Access Control has been injected to Web-based workflow systems to control access (without hindering the process), which has greatly facilitated the access control management. However, a high-level user may want to delegate one of his permissions to a member. In this case, a flexible delegation would be required to achieve this functionality. In this research, we investigated the idea of delegation and developed a framework for injecting Permission-based Delegation Model (PBDM(WEB)) to secure Web-based workflow systems. PBDM(WEB) supports Role-based Access Control, flexible permission-based delegation and ability-based delegation, interoperation among multi-domain systems and consistency of authorization.

DOI: 10.1109/ISI.2009.5137279

11 Figures and Tables

Cite this paper

@article{Wang2009InjectingAP, title={Injecting a permission-based delegation model to secure web-based workflow systems}, author={Xiaoran Wang and Coskun Bayrak}, journal={2009 IEEE International Conference on Intelligence and Security Informatics}, year={2009}, pages={101-106} }