On Specifying and Enforcing Access Control of Web Services Based Workflows
碩士 === 國立中山大學 === 資訊管理學系研究所 === 97 === Web services have become the de facto standards as components for quickly building a business process that satisfies the business goal of an organization. Nowadays, Web services have found its way into describing the functions of automatic tasks as well as manu...
| Main Authors: | , |
|---|---|
| Other Authors: | |
| Format: | Others |
| Language: | en_US |
| Published: |
2009
|
| Online Access: | http://ndltd.ncl.edu.tw/handle/we87mh |
| Summary: | 碩士 === 國立中山大學 === 資訊管理學系研究所 === 97 === Web services have become the de facto standards as components for quickly building a business process that satisfies the business goal of an organization. Nowadays, Web services have found its way into describing the functions of automatic tasks as well as manual tasks. An important part in the specification of a business process, especially for manual tasks, is the access control. This thesis considers both types of tasks involved in a Web services-based process with its corresponding access control problem and proposes a selection approach for choosing the performer for each task so as to satisfy all access control constraints. Based on the role-based access control model, we focus on two types of access control: separation of duties (SoD) and binding of duties (BoD). Both role-level and participant-level of SoDs and of BoDs that need to be dynamically enforced and these constraints are considered in this thesis. The proposed performer selection approach is evaluated by a workflow scenario and is shown to have the highest chance of satisfying all predefined access control constraints when compared to other methods.
|
|---|