Skip to Main Content
In recent years, Workflow Management Systems (WFMSs) have gained ground both in research and commercial realms. More and more attentions have been paid on the security of WFMSs. Access control is crucial to security management in WFMSs. Firstly, this paper analyses the dynamic and flexible requirements of access control in the enterprise WFMSs. Then, proposing a novel dynamic access control model which incorporates authorization policies to meet the particular requirement of WFMSs, named PBFW. Different from existing works, the proposed access control model support to grant or revoke permissions to/from roles/users according to the context of WFMSs. Besides, the model enforces separation of duty (SoD) policies during runtime and supplies access control of appropriate granularity for WFMSs. A prototype system is developed to realize the effectiveness of the proposed access control model.