Logo der Universität Wien

AW-RBAC: Access Control in Adaptive Workflow Systems


Flexibility is one of the key challenges for Work?ow Systems nowadays. Typically, a work?ow covers the following four aspects which might all be subject to change: control ?ow, data ?ow, organizational structures, and application components (services). Existing work in research and practice shows that changes must be applied in a controlled manner in order to avoid security problems. In this context, attempts have been made to manage administrative or operative changes using role-based access control (RBAC) models. However, most approaches focus on either administrative changes such as role updating and administration or operative changes, for example, inserting a new activity into a running work?ow instance. The distinct handling of certain changes is cumbersome and hence should be reduced by introducing a RBAC model that pays attention to all kinds of possible work?ow changes. Hence, in this paper, we present an extended RBAC model for adaptive work?ow systems (AW-RBAC) that includes change operations and a variety of objects that are subject to change within work?ow systems. Under such a model supervised administrative and operative changes can be enforced on a set of objects in work?ow systems. Doing so, the AW-RBAC model improves security during work?ow changes and reduces administration costs. The AW-RBAC model is evaluated by means of practical examples and a proof-of-concept implementation.

Grafik Top
Grafik Top
Paper in Conference Proceedings or in Workshop Proceedings (Paper)
Event Title
Sixth International Conference on Availability, Reliability and Security
Workflow Systems and Technology
Event Location
Vienna, Austria
Event Type
Event Dates
22-26 August 2011
IEEE Computer Society
Page Range
pp. 25-37
22 August 2011
Official URL
Grafik Top
Contact us
Faculty of Computer Science
University of Vienna

Währinger Straße 29
A-1090 Vienna