This paper presents a pair of role-based access control models for workflow systems, collectively known as the W-RBAC models. The first of these models, W0-RBAC is based on a framework that couples a powerful RBAC-based permission service and a workflow component with clear separation of concerns for ease of administration of authorizations. The permission service is the focus of the work, providing an expressive logic-based language for the selection of users authorized to perform workflow tasks, with preference ranking. W1-RBAC extends the basic model by incorporating exception handling capabilities through controlled and systematic overriding of constraints.
|Original language||English (US)|
|Number of pages||31|
|Journal||International Journal of Cooperative Information Systems|
|State||Published - Dec 1 2003|
All Science Journal Classification (ASJC) codes
- Information Systems
- Computer Science Applications