About cookies on this site Our websites require some cookies to function properly (required). In addition, other cookies may be used with your consent to analyze site usage, improve the user experience and for advertising. For more information, please review your options. By visiting our website, you agree to our processing of information as described in IBM’sprivacy statement. To provide a smooth navigation, your cookie preferences will be shared across the IBM web domains listed here.
Publication
Journal of Computing and Information Technology
Paper
Design of an integrated role-based access control infrastructure for adaptive workflow systems
Abstract
With increasing numbers of organizations automating their business processes by using workflow systems, security aspects of workflow systems has become a heavily researched area. Also, most workflow processes nowadays need to be adaptive, i.e., constantly changing, to meet changing business conditions. However, little attention has been paid to integrating Security and Adaptive Workflow. In this paper, we investigate this important research topic, with emphasis on Role-Based Access Control (RBAC) in Adaptive Workflow. Based on our earlier work on a 3-tier adaptive workflow archi-tecture, we present the design of a similar 3-tier RBAC infrastructure, and we show that it conceptually mirrors our adaptive workflow architecture. We also describe the mappings between them, and we show how this mapping can be used to manage organizational RBAC constraints when the workflows are being adapted continuously. We illustrate our ideas throughout the paper with a simple yet non-trivial example.