A framework for access control in workflow systems

Information Management and Computer Security

Volumn 9, Issue 2-3, 2001, Pages 126-133

  Botha, Reinhardt A ^a   Eloff, Jan H P ^a  

^a NELSON MANDELA METROPOLITAN UNIVERSITY   (South Africa)

Author keywords

Access control; BPR; Computer software

Indexed keywords

COMPUTER SOFTWARE; OPTIMIZATION; REENGINEERING; SECURITY OF DATA;

ACCESS CONTROL;

INFORMATION TECHNOLOGY;

EID: 0035780846     PISSN: 09685227     EISSN: None     Source Type: Journal    
DOI: 10.1108/09685220110394848     Document Type: Review

References (16)

1. Atluri, V. and Huang, W.-K. (1996), "An authorization model for workflows", Proceedings of the Fifth European Symposium on Research in Computer Security, Rome, pp. 44-64.
2. Bertino, E., Ferrari, E. and Atluri, V. (1999), "Specification and enforcement of authorization constraints in workflow management systems", ACM Transactions on Information and System Security, Vol. 2 No. 1, pp. 65-104.
3. Brandau, R., Confrey, T., D'Silva, A., Matheus, C.J. and Weihmayer, R. (1999), "Reinventing GTE with information technology", IEEE Computer, Vol. 32 No. 3, pp. 50-8.
4. Davenport, T.H. (1995), Process Innovation: Re-engineering Work through Information technology, Harvard Business School Press, Boston, MA.
5. Davidson, W.H. (1993), "Beyond re-engineering: the three phases of business transformation", IBM Systems Journal, Vol. 38 Nos 2 and 3, pp. 485-99.
6. Earl, M.J., Sampler, J.L. and Short, J.E. (1995), "Strategies for business process reengineering: evidence from field studies", Journal of Management Information Systems, Vol. 12 No. 1, pp. 31-56.
7. Evans, G.N., Mason-Jones, R. and Towill, D.R. (1999), "The scope paradigm of business process re-engineering", Business Process Management Journal, Vol. 5 No. 2, pp. 121-35.
8. Garber, L. (1999), "IT must focus on transforming business for e-commerce", IT Professional, Vol. 1 No. 6, p. 88.
9. Hollingsworth, D. (1995), The Workflow Reference Model, Document Number TC-00-1003. Issue 1.1. Available from www.wfmc.org.
10. ISO (1989) ISO 7498-2: Information Processing Systems - Open Systems Interconnection - Basic Reference Model - Part 2: Security Architecture.
11. Kettinger, W.J., Teng, J.T.C. and Guha, S. (1997), "Business process change: a study of methodologies, techniques, and tools", MIS Quarterly, Vol. 21 No. 1, pp. 55-80.
12. Khandwalla, P.N. (1977), The Design of Organizations, Harcourt Brace Jovanovich Publishers, New York, NY.
13. Long, D.L., Baker, J. and Fung, F. (1999), "A prototype secure workflow server", Proceedings of the 15th Annual Computer Security Applications Conference, Radisson Resort Scottsdale, Phoenix, AZ, pp. 129-38.
14. Nyanchama, M. and Osborn, S. (1999), "The role-graph model and conflict of interest", ACM Transactions on Information and Systems Security, Vol. 2 No. 1, pp. 3-33.
15. Sandhu, R.S., Coyne, E.J., Fenstein, H.L. and Youman, C.E. (1996), "Role-based access control models", IEEE Computer, Vol. 29 No. 2, pp. 38-47.
16. von Solms, R. (1999), "Information security management: why standards are important", Information Management and Computer Security, Vol. 7 No. 1, pp. 50-7.