摘要
提出了一个基于RBAC的工作流授权模型RWAM,与传统的基于主体-客体的授权模型不同,该模型提出了时态权限的概念,表示只能在某个时间段内,对某个任务执行某种操作.这样不仅可以保证组成工作流的任务只能被属于某个特定角色的用户执行,而且可以保证授权流与工作流是同步的.
This paper proposed a workflow authorization model based on RBAC. Different from traditional authorization models based on subject-object pattern, this model provides the notion of temporal permission which represents the fact that can only perform certain operation on a task for a certain time interval, this can not only ensure that only authorized users could execute a task but also ensure that the authorization flow is synchronized with workflow.
出处
《小型微型计算机系统》
CSCD
北大核心
2005年第3期544-547,共4页
Journal of Chinese Computer Systems
关键词
工作流授权
时态权限
RBAC
workflow authorization
temporal permission
RBAC.
