摘要： 为确保工作流系统安全可靠地工作，在传统基于角色的访问控制模型中引入目标案例、用户管理和目标3个关系元素，设计动态授权机制，构建一种基于动态控制机制的工作流安全访问模型，通过基本约束关系与动态约束条件，保证模型的安全运行，并将其与工作流引擎组件进行集成，为独立安全领域应用提供安全授权服务。应用结果表明，该模型可将动态职责与互惠职责较好地分离，对动态职责进行绑定，为系统工作流安全访问提供技术支持。

关键词: 动态控制机制, 工作流引擎, 动态授权, 访问控制模型, 网络化协同设计

Abstract: In order to ensure the workflow system secure and reliable, this paper introduces three relation elements of Target Case(TC), User Management(UM) and Target(T) in the conventional access control model based on role, designs the dynamic authorization mechanism, and builds a sort of security access model in workflow based on dynamic control mechanism, which ensures the secure running of the model by means of basic constraint relation and dynamic constraint conditions. The model is integrated with workflow engine component to provide the security authorization service for the application of independent security field. Application results show that the model can better separate the dynamic responsibility and reciprocal responsibility, make the binding of dynamic responsibility, and provide technical support for security access of system workflow.

Key words: dynamic control mechanism, workflow engine, dynamic authorization, access control model, networked cooperative design

中图分类号: 

• TP391