Implementing the CoSaWoE models in a commercial workflow product
- Authors: Erwee, Carmen
- Date: 2005
- Subjects: Computers -- Access control , Workflow , Computer security , Data protection
- Language: English
- Type: Thesis , Masters , MTech
- Identifier: vital:9732 , http://hdl.handle.net/10948/169 , Computers -- Access control , Workflow , Computer security , Data protection
- Description: Workflow systems have gained popularity not only as a research topic, but also as a key component of Enterprize Resource Planning packages and e- business. Comprehensive workflow products that automate intra- as well inter-organizational information flow are now available for commercial use. Standardization efforts have centered mostly around the interoperability of these systems, however a standard access control model have yet to be adopted. The research community has developed several models for access control to be included as part of workflow functionality. Commercial systems, however, are still implementing access control functionality in a proprietary manner. This dissertation investigates whether a comprehensive model for gain- ing context-sensitive access control, namely CoSAWoE, can be purposefully implemented in a commercial workflow product. Using methods such as an exploratory prototype, various aspects of the model was implemented to gain an understanding of the di±culties developers face when attempting to map the model to existing proprietary software. Oracle Workflow was chosen as an example of a commercial workflow product. An investigtion of the features of this product, together with the prototype, revealed the ability to affect access control in a similar manner to the model: by specifying access control constraints during administration and design, and then enforcing those constraints dynamically during run-time. However, only certain components within these two aspects of the model directly effected the commercial workflow product. It was argued that the first two requirements of context-sensitive access control, order of events and strict least privilege, addressed by the object design, role engineering and session control components of the model, can be simulated if such capabilities are not pertinently available as part of the product. As such, guidelines were provided for how this can be achieved in Oracle Workflow. However, most of the implementation effort focussed on the last requirement of context-sensitive access control, namely separation of duties. The CoSAWoE model proposes SoD administration steps that includes expressing various business rules through a set of conflicting entities which are maintained outside the scope of the workflow system. This component was implemented easily enough through tables which were created with a relational database. Evaluating these conflicts during run-time to control worklist generation proved more di±cult. First, a thorough understanding of the way in which workflow history is maintained was necessary. A re-usable function was developed to prune user lists according to user involvement in previous tasks in the workflow and the conflicts specified for those users and tasks. However, due to the lack of a central access control service, this re- usable function must be included in the appropriate places in the workflow process model. Furthermore, the dissertation utilized a practical example to develop a prototype. This prototype served a dual purpose: firstly, to aid the author's understanding of the features and principles involved, and secondly, to illustrate and explore the implementation of the model as described in the previous paragraphs. In conclusion the dissertation summarized the CoSAWoE model's compo- nents which were found to be product agnostic, directly or indirectly imple- mentable, or not implemented in the chosen workflow product. The lessons learnt and issues surrounding the implementation effort were also discussed before further research in terms of XML documents as data containers for the workfow process were suggested.
- Full Text:
- Date Issued: 2005
- Authors: Erwee, Carmen
- Date: 2005
- Subjects: Computers -- Access control , Workflow , Computer security , Data protection
- Language: English
- Type: Thesis , Masters , MTech
- Identifier: vital:9732 , http://hdl.handle.net/10948/169 , Computers -- Access control , Workflow , Computer security , Data protection
- Description: Workflow systems have gained popularity not only as a research topic, but also as a key component of Enterprize Resource Planning packages and e- business. Comprehensive workflow products that automate intra- as well inter-organizational information flow are now available for commercial use. Standardization efforts have centered mostly around the interoperability of these systems, however a standard access control model have yet to be adopted. The research community has developed several models for access control to be included as part of workflow functionality. Commercial systems, however, are still implementing access control functionality in a proprietary manner. This dissertation investigates whether a comprehensive model for gain- ing context-sensitive access control, namely CoSAWoE, can be purposefully implemented in a commercial workflow product. Using methods such as an exploratory prototype, various aspects of the model was implemented to gain an understanding of the di±culties developers face when attempting to map the model to existing proprietary software. Oracle Workflow was chosen as an example of a commercial workflow product. An investigtion of the features of this product, together with the prototype, revealed the ability to affect access control in a similar manner to the model: by specifying access control constraints during administration and design, and then enforcing those constraints dynamically during run-time. However, only certain components within these two aspects of the model directly effected the commercial workflow product. It was argued that the first two requirements of context-sensitive access control, order of events and strict least privilege, addressed by the object design, role engineering and session control components of the model, can be simulated if such capabilities are not pertinently available as part of the product. As such, guidelines were provided for how this can be achieved in Oracle Workflow. However, most of the implementation effort focussed on the last requirement of context-sensitive access control, namely separation of duties. The CoSAWoE model proposes SoD administration steps that includes expressing various business rules through a set of conflicting entities which are maintained outside the scope of the workflow system. This component was implemented easily enough through tables which were created with a relational database. Evaluating these conflicts during run-time to control worklist generation proved more di±cult. First, a thorough understanding of the way in which workflow history is maintained was necessary. A re-usable function was developed to prune user lists according to user involvement in previous tasks in the workflow and the conflicts specified for those users and tasks. However, due to the lack of a central access control service, this re- usable function must be included in the appropriate places in the workflow process model. Furthermore, the dissertation utilized a practical example to develop a prototype. This prototype served a dual purpose: firstly, to aid the author's understanding of the features and principles involved, and secondly, to illustrate and explore the implementation of the model as described in the previous paragraphs. In conclusion the dissertation summarized the CoSAWoE model's compo- nents which were found to be product agnostic, directly or indirectly imple- mentable, or not implemented in the chosen workflow product. The lessons learnt and issues surrounding the implementation effort were also discussed before further research in terms of XML documents as data containers for the workfow process were suggested.
- Full Text:
- Date Issued: 2005
A model for the enforcement of history-based separation of duty in heterogeneous workflow environments
- Authors: Papenfus, Carl
- Date: 2001
- Subjects: Reengineering (Management) , Industrial management , Workflow
- Language: English
- Type: Thesis , Masters , MTech (Information Technology)
- Identifier: vital:10797 , http://hdl.handle.net/10948/69 , Reengineering (Management) , Industrial management , Workflow
- Description: The current business world is becoming more and more dependent on electronic business. Many paper documents have been made obsolete by electronic documents, as they are easier to automate and track than paper documents. The increased use of computers within organizations has therefore, lead to an increase in use of workflow software products. The increased use of computer-based workflow has allowed organizations to conduct more types of electronic business. This has lead to electronic business crossing organizational boundaries and subsequently a need for heterogeneous workflow systems. For organizations to use heterogeneous workflow systems they must perform their duties in a seamless and secure manner. It is the author’s belief that History-based Separation of Duty principles can be used to formulate access control strategies that reflect the dynamic nature of heterogeneous workflow systems. History-based Separation of Duties relies on the workflow history of a workflow object to determine the access permissions of a particular user to that workflow object. The required workflow history data must be stored in an easily accessible manner. Although this can be achieved through a centralized approach, it is difficult to achieve in a heterogeneous workflow environment where many unrelated workflow systems are interacting across various computer platforms. The model proposed by this dissertation suggests that the workflow history data of a workflow object travels with it in the form of an electronic document, from one heterogeneous workflow environment to another, as a type of “workflow baggage”. In order for this workflow baggage to be easily accessible to all workflow systems in the heterogeneous workflow environment, it must be stored in a universal format, which is structured to allow it to be easily queried. The Extensible Markup Language (XML) is adopted as an appropriate format for representing workflow baggage. The proposed model hinges on the expression of Separation of Duty requirements in a way that is removed from the application programs. A policy-driven approach is thus adopted. The implementation of the model involves the utilization of four steps: policy expression, baggage evaluation, document processing and baggage collection. The policy expression step is responsible for developing the Separation of Duty constraints to be enforced within the workflow system. During the baggage evaluation step the baggage of the workflow object is evaluated according to the constraints of the Separation of Duty policy. Only users who do not violate any of the Separation of Duty constraints are allowed to process the workflow object. After the workflow object has been processed the information regarding the processing is recorded in the baggage collection step. The proposed model enables heterogeneous workflow systems to share access control information in a flexible and portable way.
- Full Text:
- Date Issued: 2001
- Authors: Papenfus, Carl
- Date: 2001
- Subjects: Reengineering (Management) , Industrial management , Workflow
- Language: English
- Type: Thesis , Masters , MTech (Information Technology)
- Identifier: vital:10797 , http://hdl.handle.net/10948/69 , Reengineering (Management) , Industrial management , Workflow
- Description: The current business world is becoming more and more dependent on electronic business. Many paper documents have been made obsolete by electronic documents, as they are easier to automate and track than paper documents. The increased use of computers within organizations has therefore, lead to an increase in use of workflow software products. The increased use of computer-based workflow has allowed organizations to conduct more types of electronic business. This has lead to electronic business crossing organizational boundaries and subsequently a need for heterogeneous workflow systems. For organizations to use heterogeneous workflow systems they must perform their duties in a seamless and secure manner. It is the author’s belief that History-based Separation of Duty principles can be used to formulate access control strategies that reflect the dynamic nature of heterogeneous workflow systems. History-based Separation of Duties relies on the workflow history of a workflow object to determine the access permissions of a particular user to that workflow object. The required workflow history data must be stored in an easily accessible manner. Although this can be achieved through a centralized approach, it is difficult to achieve in a heterogeneous workflow environment where many unrelated workflow systems are interacting across various computer platforms. The model proposed by this dissertation suggests that the workflow history data of a workflow object travels with it in the form of an electronic document, from one heterogeneous workflow environment to another, as a type of “workflow baggage”. In order for this workflow baggage to be easily accessible to all workflow systems in the heterogeneous workflow environment, it must be stored in a universal format, which is structured to allow it to be easily queried. The Extensible Markup Language (XML) is adopted as an appropriate format for representing workflow baggage. The proposed model hinges on the expression of Separation of Duty requirements in a way that is removed from the application programs. A policy-driven approach is thus adopted. The implementation of the model involves the utilization of four steps: policy expression, baggage evaluation, document processing and baggage collection. The policy expression step is responsible for developing the Separation of Duty constraints to be enforced within the workflow system. During the baggage evaluation step the baggage of the workflow object is evaluated according to the constraints of the Separation of Duty policy. Only users who do not violate any of the Separation of Duty constraints are allowed to process the workflow object. After the workflow object has been processed the information regarding the processing is recorded in the baggage collection step. The proposed model enables heterogeneous workflow systems to share access control information in a flexible and portable way.
- Full Text:
- Date Issued: 2001
- «
- ‹
- 1
- ›
- »