Abstract: This paper proposes a secure role-based workflow model, which combines the role-based access control RBAC96 with workflow. Concepts such as DcAC, EP, EPA, IP, IPA are proposed to be convenient for interpreting authorization management. The model is expressed by a formal description and a graph. Compared with the former role-based models, its security researches focus on dealing with the authorization relationships among roles, tasks and documents, can manage the authorization on documents better than them.

Key words: role, security, workflow

摘要： 将基于角色的访问控制模型RBAC96应用到工作流中，设计一个基于角色的安全工作流模型，给出该模型的形式化描述和图形表示。定义DcAC, EP, EPA, IP, IPA的概念，用于管理模型中的授权。与以往基于角色的工作流模型相比，着重处理文档、任务与角色三者之间的权限关系，加强对文档权限部分的管理。

关键词: 角色, 安全, 工作流

CLC Number: 

• TP309