Return to search

Using JESS for Enforcing Separation of Duties and Binding of Duties in a Web Services-based Workflow

Open distributed environments such as the World Wide Web facilitate information sharing but provide limited support to the protection of sensitive information and resources. Web services have become a part of components for quickly building a business process that satisfies the business goal of an organization, and access control is imperative to prevent the illegal access of sensitive information. In recent years, several researches have investigated the Web services-based workflow access control problem, and selection approaches for choosing the performer for each task so as to satisfy all access control constraints have been proposed. Based on the role-based access control model, we focus on two types of access control: separation of duties and binding of duties. Both role-level and participant-level of SoDs and of BoDs that need to be dynamically enforced are considered in this thesis. While dealing with complex and flexible business logics, we use rule engine to reasons with the business facts to get the result based on business rules. The proposed approach is evaluated by a workflow scenario and is shown to be flexible to develop new process with dynamic access control constraints at the cost of higher execution time.

Identiferoai:union.ndltd.org:NSYSU/oai:NSYSU:etd-0729110-162449
Date29 July 2010
CreatorsJang, Yu-Shu
ContributorsWan-Shiou Yang, San-Yih Hwang, Fu-Ren Lin
PublisherNSYSU
Source SetsNSYSU Electronic Thesis and Dissertation Archive
LanguageEnglish
Detected LanguageEnglish
Typetext
Formatapplication/pdf
Sourcehttp://etd.lib.nsysu.edu.tw/ETD-db/ETD-search/view_etd?URN=etd-0729110-162449
Rightsnot_available, Copyright information available at source archive

Page generated in 0.002 seconds