Return to search

On Specifying and Enforcing Access Control of Web Services Based Workflows

Web services have become the de facto standards as components for quickly building a business process that satisfies the business goal of an organization. Nowadays, Web services have found its way into describing the functions of automatic tasks as well as manual tasks. An important part in the specification of a business process, especially for manual tasks, is the access control. This thesis considers both types of tasks involved in a Web services-based process with its corresponding access control problem and proposes a selection approach for choosing the performer for each task so as to satisfy all access control constraints. Based on the role-based access control model, we focus on two types of access control: separation of duties (SoD) and binding of duties (BoD). Both role-level and participant-level of SoDs and of BoDs that need to be dynamically enforced and these constraints are considered in this thesis. The proposed performer selection approach is evaluated by a workflow scenario and is shown to have the highest chance of satisfying all predefined access control constraints when compared to other methods.

Identiferoai:union.ndltd.org:NSYSU/oai:NSYSU:etd-0811109-121353
Date11 August 2009
CreatorsChen, Yun-Chih
ContributorsFu-Ren LIN, San-Yih Hwang, Shih-Chieh Hsu, W.S. Yang
PublisherNSYSU
Source SetsNSYSU Electronic Thesis and Dissertation Archive
LanguageEnglish
Detected LanguageEnglish
Typetext
Formatapplication/pdf
Sourcehttp://etd.lib.nsysu.edu.tw/ETD-db/ETD-search/view_etd?URN=etd-0811109-121353
Rightswithheld, Copyright information available at source archive

Page generated in 0.0014 seconds