Authorization in workflow systems is usually built on top of role-based access control (RBAC); security policies on workflows are then expressed as constraints on the users performing a set of tasks and the roles assigned to them. Unfortunately, when role administration is distributed and potentially untrusted users contribute to the role assignment process, like in the case of Administrative RBAC (ARBAC), collusions may take place to circumvent the intended workflow security policies. In a collusion attack, a set of users of a workflow system collaborates by changing the user-to-role assignment, so as to sidestep the security policies and run up to completion a workflow they could not complete otherwise.In this paper, we study the problem ...
Workflows specify a collection of tasks that must be executed under the responsibility or supervisio...
One reason workflow systems have been criticized as being inflexible is that they lack support for d...
This paper presents a pair of role-based access control models for workflow systems, collectively kn...
Authorization in workflow systems is usually built on top of role-based access control (RBAC), secur...
Authorization in workflow systems is usually built on top of role-based access control (RBAC), secur...
Authorization in workflow systems is usually built on top of role-based access control (RBAC); secur...
Workflow Management Systems (WFMSs) are becoming very popular and are being used to support many of ...
Workflow Management Systems (WFMSs) are becoming very popular and are being used to support many of ...
With increasing numbers of organizations automating their business processes by using workflow syste...
Workflows and role-based access control models need to be suitably merged, in order to allow users t...
Workflows and role-based access control models need to be suitably merged, in order to allow users t...
Assignment of tasks to agents in a workflow (WF) system should occur according to security policies...
We propose a novel scheme for proving administrative role-based access control (ARBAC) policies corr...
With increasing numbers of organizations automating their business processes by using workflow syste...
We propose a novel scheme for proving administrative role-based access control (ARBAC) policies corr...
Workflows specify a collection of tasks that must be executed under the responsibility or supervisio...
One reason workflow systems have been criticized as being inflexible is that they lack support for d...
This paper presents a pair of role-based access control models for workflow systems, collectively kn...
Authorization in workflow systems is usually built on top of role-based access control (RBAC), secur...
Authorization in workflow systems is usually built on top of role-based access control (RBAC), secur...
Authorization in workflow systems is usually built on top of role-based access control (RBAC); secur...
Workflow Management Systems (WFMSs) are becoming very popular and are being used to support many of ...
Workflow Management Systems (WFMSs) are becoming very popular and are being used to support many of ...
With increasing numbers of organizations automating their business processes by using workflow syste...
Workflows and role-based access control models need to be suitably merged, in order to allow users t...
Workflows and role-based access control models need to be suitably merged, in order to allow users t...
Assignment of tasks to agents in a workflow (WF) system should occur according to security policies...
We propose a novel scheme for proving administrative role-based access control (ARBAC) policies corr...
With increasing numbers of organizations automating their business processes by using workflow syste...
We propose a novel scheme for proving administrative role-based access control (ARBAC) policies corr...
Workflows specify a collection of tasks that must be executed under the responsibility or supervisio...
One reason workflow systems have been criticized as being inflexible is that they lack support for d...
This paper presents a pair of role-based access control models for workflow systems, collectively kn...