Document Type
Article
Publication Date
1-2002
Abstract
Workflow Management Systems (WfMSs) are used to support the modeling and coordinated execution of business processes within an organization or across organizational boundaries. Although some research efforts have addressed requirements for authorization and access control for workflow systems, little attention has been paid to the requirements as they apply to application data accessed or managed by WfMSs. In this paper, we discuss key access control requirements for application data in workflow applications using examples from the healthcare domain, introduce a classification of application data used in workflow systems by analyzing their sources, and then propose a comprehensive data authorization and access control mechanism for WfMSs. This involves four aspects: role, task, process instance-based user group, and data content. For implementation, a predicate-based access control method is used. We believe that the proposed model is applicable to workflow applications and WfMSs with diverse access control requirements.
Repository Citation
Wu, S.,
Sheth, A. P.,
Miller, J. A.,
& Luo, Z.
(2002). Authorization and Access Control of Application Data in Workflow Systems. Journal of Intelligent Information Systems, 18 (1), 71-94.
https://corescholar.libraries.wright.edu/knoesis/689
DOI
10.1023/A:1012972608697
Included in
Bioinformatics Commons, Communication Technology and New Media Commons, Databases and Information Systems Commons, OS and Networks Commons, Science and Technology Studies Commons
Comments
Attached is the unpublished, author's version of this article. The final publication is available at Springer via http://dx.doi.org/10.1023/A:1012972608697.