摘要: 针对基于角色的存取控制模型不适合跨组织环境的问题,扩展组织内部以角色为基础的存取控制,采用一种角色分数机制,并在水平式跨组织工作流程环境中的使用者、角色及工作之间加上更严谨的限制条件,让使用者在虚拟角色集合中,选择一个适当的角色进入跨组织工作流程内执行工作。实验结果证明,该扩展简单有效,企业在进行跨组织工作流程时更具公平性及安全性。
关键词:
组织内,
跨组织,
水平式跨组织,
工作流,
角色,
存取控制
Abstract: The Role-based Access Control(RBAC) is widely applied because of its advantages. For the unsuitability of RBAC in inter-organization environment, the main propose of this research is to extend the characteristics of RBAC on intra-organization workflow. The research puts forward a role score mechanism, and appends more strict constraint to users, roles and activities of horizontal inter-organization workflow. Besides, this research makes sure that a user chooses an appropriate role from virtual role set to execute activity in inter-organization workflow. Proved by the experiment, the extension is simple and effective, and it makes the enterprises more equitable and securable in inter-organization workflow.
Key words:
intra-organization,
inter-organization,
horizontal inter-organization,
workflow,
role,
access control
中图分类号:
武凌, 王浩, 王松涛, 张海. 基于角色的跨组织工作流存取控制机制[J]. 计算机工程, 2012, 38(11): 30-33.
WU Ling, WANG Gao, WANG Song-Chao, ZHANG Hai. Inter-organization Workflow Access Control Mechanism Based on Role[J]. Computer Engineering, 2012, 38(11): 30-33.