The Library
Modelling workflow executions under role-based authorisation control
Tools
He, Ligang, Duan, Kewei, Chen, Xueguang, Zou, Deqing, Han, Zongfen, Fadavinia, Ali and Jarvis, Stephen A. (2011) Modelling workflow executions under role-based authorisation control. In: 8th IEEE International Conference on Services Computing (ICSC'11), Washington DC, USA, 4-9 July 2011. Published in: 2011 IEEE International Conference on Services Computing (SCC) pp. 200-208. ISBN 9781457708633. doi:10.1109/HiPC.2011.6152727
|
PDF
WRAP_He_Modelling_Workflow_Executions_under_Role-based_Authorisation_Control.pdf - Accepted Version - Requires a PDF viewer. Download (2488Kb) | Preview |
Official URL: http://dx.doi.org/10.1109/SCC.2011.56
Abstract
Workflows are often used to represent enterprise-type activities, and authorisation control is an important security consideration in enterprise-level applications. Role-Based Access Control (RBAC) is a popular authorisation control scheme under which users are assigned to certain roles, and the roles are associated with permissions. This paper presents a novel mechanism for modelling workflow execution in cluster-based resource pools under Role-Based Access Control (RBAC) schemes. Our modelling approach uses Coloured Timed Petri-Nets, and various authorisation constraints are modelled, including role constraints, temporal constraints, cardinality constraints, Binding of Duty and Separation of Duty constraints, etc. The interactions between workflow authorisation and workflow execution are also captured in the model. In this paper, the modelling mechanism is developed in such a fashion that the construction of the authorisation model for a workflow can be automated. This feature is very helpful in modelling a large collection of authorisation policies or complex workflows. A Petri-net simulation tool, the CPN-Tool, is utilised to implement the developed modelling mechanism and simulate the constructed model. Both system-level performance (e.g., utilisation of resource pools) and application-level performance (e.g., workflow response time) can be obtained from model simulations. This work can be used to plan system capacity and investigate the impact of authorization policies on system and application performance.
Item Type: | Conference Item (Paper) | ||||
---|---|---|---|---|---|
Subjects: | Q Science > QA Mathematics > QA76 Electronic computers. Computer science. Computer software | ||||
Divisions: | Faculty of Science, Engineering and Medicine > Science > Computer Science | ||||
Library of Congress Subject Headings (LCSH): | Workflow -- Computer programs, Computers -- Access control | ||||
Journal or Publication Title: | 2011 IEEE International Conference on Services Computing (SCC) | ||||
Publisher: | IEEE | ||||
ISBN: | 9781457708633 | ||||
Official Date: | July 2011 | ||||
Dates: |
|
||||
Page Range: | pp. 200-208 | ||||
DOI: | 10.1109/HiPC.2011.6152727 | ||||
Status: | Peer Reviewed | ||||
Publication Status: | Published | ||||
Access rights to Published version: | Restricted or Subscription Access | ||||
Date of first compliant deposit: | 21 December 2015 | ||||
Date of first compliant Open Access: | 21 December 2015 | ||||
Conference Paper Type: | Paper | ||||
Title of Event: | 8th IEEE International Conference on Services Computing (ICSC'11) | ||||
Type of Event: | Conference | ||||
Location of Event: | Washington DC, USA | ||||
Date(s) of Event: | 4-9 July 2011 |
Request changes or add full text files to a record
Repository staff actions (login required)
View Item |
Downloads
Downloads per month over past year