An Access Control Model for Workflows Offering Dynamic Features and Interoperability Ability

Abstract

Workflow management systems (WFMS) are useful in designing and evolving processes such as business processes. Recently, workflow security has been recognized as important. Workflow security issues include network security, authentication, access control, and so on. Our research focuses on access control. This paper proposes a model WfRBAC (role-based access control within workflows) for workflow access control. WfRBAC is an extension of the important RBAC milestone RBAC96. Our research revealed that the dynamic features of managing dynamic role switching, managing dynamic role association change, and preventing indirect information leakage are essential in workflow access control. In addition, interoperability ability to exchange access control information among workflows, and handling constraints are also necessary. Since RBAC96 fails to offer the dynamic features and interoperability, WfRBAC adds mechanisms for them. This paper presents WfRBAC.