Dynamic access control through Petri net workflows

Proceedings - Annual Computer Security Applications Conference, ACSAC

Volumn 2000-January, Issue , 2000, Pages 159-167

  Knorr, K ^a  

^a UNIVERSITY OF ZURICH   (Switzerland)

Author keywords

Access control; Authorization; Equations; Information systems; Information technology; Mathematical model; Permission; Petri nets; Protection; Solid modeling

Indexed keywords

INFORMATION SYSTEMS; INFORMATION TECHNOLOGY; MATHEMATICAL MODELS; PETRI NETS; SECURITY OF DATA; SECURITY SYSTEMS;

AUTHORIZATION; EQUATIONS; PERMISSION; PROTECTION; SOLID MODEL;

ACCESS CONTROL;

EID: 1642309744     PISSN: 10639527     EISSN: None     Source Type: Conference Proceeding    
DOI: 10.1109/ACSAC.2000.898869     Document Type: Conference Paper

References (27)

1. N. R. Adam, V. Atluri, and W.-K. Huang. Modeling and Analysis of Workflows Using Petri Nets. Journal of Intelligent Information Systems, Special Issue on Workflow and Process Management, 10(2):131-158, March 1998.
2. V. Atluri and W.-K. Huang. An Authorization Model for Workflows. In Proceedings of the 4th European Symposium on Research in Computer Security. Springer, 1996.
3. E. Bertino, E. Ferrari, and V. Atluri. A Flexible Model Supporting the Specification and Enforcement of Role-based Authorizations in Workflow Management Systems. In Proceedings of the 2nd ACM Workshop on Role-based Access Control, Fairfax, Virgina, 1997.
4. E. Bertino, E. Ferrari, and V. Atluri. The Specification and Enforcement of Authorization Constraints in Workflow Management Systems. ACM Transactions on Information and System Security, 2(1):65-104, February 1999.
5. C. J. Bussler. Policy Resolution in Workflow Management Systems. Digital Technical Journal, 6(4), 1994.
6. D. Cholewka, R. Botha, and J. Eloff. A Contex-Sensitive Access Control Model and Prototype Implementation. In J. H. Eloff and S. Qing, editors, 16th Annual Working Conference on Information Security, pages 341-350. IFIP TC 11, Kluwer Academic Publishers, August 2000.
7. D. E. R. Denning. Cryptography and Data Security. Addison-Wesley, 1983.
8. D. Georgakopoulos, M. Hornick, and A. Sheth. An Overview of Workflow Management: From Process Modeling to Workflow Automation Infrastructure. Distributed and Parallel Databases, 3:119-153, 1995.
9. L. Harn and H. Lin. Integration of User Authentication and Access Control. IEE Proceedings-E, 139(2), March 1992.
10. R. Holbein. Secure Information Exchange in Organisations - An Approach for Solving the Information Misuse Problem. PhD thesis, Universität Zürich, 1996.
11. R. Holbein, S. Teufel, O. Morger, and K. Bauknecht. Need-to-know Access Controls for Medical Systems. In Proceedings IFIP TCII WG 11.2 Small Systems Security, Copenhagen, 1997.
12. S. Jablonski, M. Böhm, and W. Schulze, editors. Workflow-Management - Entwicklung von Anwendungen und Systemen - Facetten einer neuen Technologie. dpunkt.verlag, 1997.
13. K. Jensen. Coloured Petri Nets - Basic Concepts, Analysis Methods and Practical Use, Volume 1-3. EATCS Monographs on Theoretical Computer Science. Springer, 1997.
14. L. G. Lawrence. The Role of Roles. Computers & Security, (12):15-21, 1993.
15. F. Leymann and W. Altenhuber. Managing Business Processes as an Information Resource. IBM Systems Journal, 33(2):326-348, 1994.
16. E. W. Mayr. An Algorithm for the General Petri Net Reachability Problem. SIAM Journal, 13(3):441-460, 1984.
17. A. Oberweis. Modellierung und Ausführung von Workflows mit Petri-Netzen. Teubner-Reihe Wirtschaftsinformatik. B.G. Teubner, 1996.
18. C. A. Petri. Kommunikation mit Automaten. PhD thesis, Institut für instrumentelle Mathematik der Universität Bonn, 1962.
19. W. Reisig. Petri Nets - An Introduction. EATCS Monographs on Theoretical Computer Science. Springer-Verlag, 1985.
20. R. Sandhu. Role-Based Access Control Models. IEEE Computer, 29(2):34-47, Feb. 1996.
21. R. K. Thomas and R. S. Sandhu. Towards a Task-based Paradigm for Flexible and Adaptable Access Control in Distributed Applications. In Proceedings of the 1992-1993 ACM SIGSAC New Security Paradigms Workshop, pages 138-142, Little Compton, RI, 1993.
22. R. K. Thomas and R. S. Sandhu. Conceptual Foundations for a Model of Task-based Authorizations. In Proceedings of the 7th IEEE Computer Secuity Foundations Workshop, pages 66-79, Franconia, NH, June 1994.
23. R. K. Thomas and R. S. Sandhu. Task-based Authorization Controls (TBAC): Models For Active and Enterprise-oriented Authorization Management. In Proceedings of the 11th IFIP WG 11.3 Conference on Database Security, Lake Tahoe, CA, August 1997.
24. W. van der Aalst. Verification of Workflow Nets. In P. Azema and G. Balbo, editors, Application and Theory of Petri Nets 1997, volume 1248 of Lecture Notes in Computer Science, pages 407-426. Springer-Verlag, 1997.
25. W. van der Aalst. The Application of Petri Nets to Workflow Management. The Journal of Circuits, Systems and Computers, 8(1):21-66, 1998.
26. Workflow Management Coalition. Terminology and Glossary. http://www.aiim.org/wfmc/, Feb. 1999. Document Number TC-1011.
27. S. Yen and C. Laih. On the Design of Dynamic Access Control Scheme with User Authentication. Computer & Mathematics with Applications, 25(7):27-32, April 1993.