摘要： 针对传统工作流访问控制模型的缺陷和分布式工作流管理系统的特性，在基于角色的访问控制模型的3 层访问控制结构的基础上明确引入任务的概念，构造了4 层访问控制结构(用户－角色－任务－权限)，对系统中的任务进行了较好的访问控制，有效解决了传统工作流安全模型的缺陷。同时使管理员的安全控管工作更加灵活、简便。

关键词: 分布式工作流管理系统；访问控制；任务

Abstract: Basing on the main disadvantages of traditional workflow access control models and the feature of distribute workflow management system, this new model is that it imports the concept of task into traditional role based access control model and sets up reasonable 4-layer architecture (user-role-task-permission) to solve issues in traditional workflow security and makes security management jobs more convenient and more flexible.

Key words: Distributed workflow management system; Access control; Task