A secure task delegation model for workflows

Proceedings - 2nd Int. Conf. Emerging Security Inf., Systems and Technologies, SECURWARE 2008, Includes DEPEND 2008: 1st Int. Workshop on Dependability and Security in Complex and Critical Inf. Sys.

Volumn , Issue , 2008, Pages 10-15

  Gaaloul, Khaled ^a,b   Schaad, Andreas ^a   Flegel, Ulrich ^a   Charoy, François ^b  

^a SAP RESEARCH   (Germany)

^b LORIA   (France)

Author keywords

[No Author keywords available]

Indexed keywords

DATA STRUCTURES; WORK SIMPLIFICATION;

EXCEPTION HANDLINGS; FIXED SETS; STATE MACHINES; TASK ASSIGNMENTS; TASK DELEGATIONS; WORKFLOW MANAGEMENT SYSTEMS; WORKFLOWS;

MANAGEMENT;

EID: 55849098600     PISSN: None     EISSN: None     Source Type: Conference Proceeding    
DOI: 10.1109/SECURWARE.2008.21     Document Type: Conference Paper

References (17)

1. Andreas Schaad. A framework for evidence lifecycle management. InWeb Information Systems Engineering, Proceedings of the WISE 2007 International Workshops, Nancy, France, Lecture Notes in Computer Science, pages 191-200. Springer, 2007.
2. Patrick C. K. Hung and Kamalakar Karlapalem. A secure workflow model. In ACSW Frontiers '03: Proceedings of the Australasian information security workshop conference on ACSW frontiers, pages 33-41. Australian Computer Society, Inc., 2003.
3. Vijayalakshmi Atluri, Wei-Kuang Huang, and Elisa Bertino. An execution model for multilevel seccure workflows. In Proceedings of the IFIP TC11 WG11.3 Eleventh International Conference on Database Securty XI, pages 151-165, London, UK, 1998. Chapman & Hall, Ltd.
4. Nick Russell, Wil M. P. van der Aalst, Arthur H. M. ter Hofstede, and David Edmond. Workflow resource patterns: Identification, representation and tool support. In Proceedings of the Advanced Information Systems Engineering, 17th International Conference, CAiSE 2005, Porto, Portugal, pages 216-232, 2005.
5. E. Barka and R. Sandhu. Framework for role-based delegation models. In Proceedings of the 16th Annual Computer Security Applications Conference, pages 168-176, Washington, DC, USA, 2000. IEEE Computer Society.
6. Khaled Gaaloul, François Charoy, Andreas Schaad, and Hannah Lee. Collaboration for human-centric egovernment workflows. In Web Information Systems Engineering, Proceedings of the WISE 2007 International Workshops, Nancy, France, Lecture Notes in Computer Science, pages 201-212. Springer, 2007.
7. Workflow Management Coalition. Workflow Management Coalition Terminology and Glossary. Document Number WFMC-TC-1011, February 1999.
8. Web Services Human Task. (WS-HumanTask), Version 1.0, June 2007. http://www.active-endpoints.com/documents/documents/1/WS-Human Task-v1.pdf.
9. Martin S. Olivier, Reind P. van de Riet, and Ehud Gudes. Specifying application-level security in workflow systems. In DEXA '98: Proceedings of the 9th International Workshop on Database and Expert.Systems Applications, pages 346-351, Washington, DC, USA, 1998. IEEE Computer Society.
10. Mathias Kohler and Andreas Schaad. Avoiding Policy-based Deadlocks in Business Processes. In Proceedings of the The Third International Conference on Availability, Reliability and Security, ARES 2008, pages 709-716, Technical University of Catalonia, Barcelona, Spain, IEEE Computer Society.
11. R4eGov Technical Annex 1. Towards e-Administration in the large, March 2006. http://www.r4egov.eu.
12. Longhua Zhang, Gail-Joon Ahn, and Bei-Tseng Chu. A rule-based framework for role-based delegation and revocation. ACM Transactions on Information and System Security, 6(3):404-441, 2003.
13. David W. Chadwick and Alexander Otenko. The PERMIS X.509 role based privilege management infrastructure. SACMAT '02: Proceedings of the seventh ACM symposium on Access control models and technologies, June 3-4, 2002, pages 135-140, Monterey, California, USA, ACM.
14. Workflow Management Coalition. Workflow Security Considerations. White Paper, Document Number WFMC-TC-1019, 2001.
15. Andreas Belokosztolszki, David M. Eyers, and Ken Moody. Policy Contexts: Controlling Information Flow in Parameterised RBAC. In POLICY '03: Proceedings of the 4th IEEE International Workshop on Policies for Distributed Systems and Networks, page 99, Washington, DC, USA, 2003. IEEE Computer Society.
16. Xinwen Zhang, Sejong Oh, and Ravi Sandhu. PBDM: a flexible delegation model in RBAC. In SACMAT '03: Proceedings of the eighth ACM symposium on Access control models and technologies, pages 149-157, New York, NY, USA, 2003. ACM Press.
17. Jason Crampton and Hemanth Khambhammettu. Delegation in role-based access control. In Proceedings of the Computer Security -ESORICS 2006, 11th European Symposium on Research in Computer Security, Hamburg, Germany, September 18-20, 2006, Lecture Notes in Computer Science, pages 174-191. Springer, 2006.