检索规则说明:AND代表“并且”;OR代表“或者”;NOT代表“不包含”;(注意必须大写,运算符两边需空一格)
检 索 范 例 :范例一: (K=图书馆学 OR K=情报学) AND A=范并思 范例二:J=计算机应用与软件 AND (U=C++ OR U=Basic) NOT M=Visual
名 称:
注 释:
作 者:于万钧[1] 刘大有[2] 刘全[2] 李嘉菲[2]
机构地区:[1]东北电力学院信息工程系,吉林吉林132012 [2]吉林大学计算机科学与技术学院
出 处:《计算机集成制造系统》2005年第9期1312-1318,共7页Computer Integrated Manufacturing Systems
基 金:国家自然科学基金资助项目(60173006);国家863/CIMS主题资助项目(2003AA118020)。~~
摘 要:在工作流管理系统中,数据在工作流任务中流动,执行任务的用户在变化,用户的权限也在变化,现有的授权方法不能很好地描述上述这种职责分离的状态。为此,提出了一个工作流授权约束模型。该模型在工作流应用语境中定义了角色层次函数、任务偏序关系和互斥任务,在此基础上给出了一个基于角色的工作流授权约束语言,它可以准确描述工作流系统的职责分离要求,表达静态、动态授权约束和授权的历史信息,同时,所得到的约束规则集规模相对较小,保证了一致性验证在时间和空间上的可行性。The existing approaches of authorization constraints cannot describe the separation of duties well in the workflow management systems under which with the data movement from one task to next, and the change of task executors and users' access control at any moment. To solve this problem, a model of workflow authorization constraints was proposed. The role level function, the task partial relationship and the conflicting tasks in the context of workflow application were defined in the model. Based on the model, a language named role-task-based Workflow Authorization Language (WAL) was put forward to specify the workflow authorization constraints. The requests on the separation of duties in the workflow system could be correctly described by WAL. Static and authorized historical information could also be expressed. Meanwhile, the size of rules set obtained was relatively smaller. Finally the feasibility of the consistency validation in the time and the space was verified.
分 类 号:TP311[自动化与计算机技术—计算机软件与理论]
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在链接到云南高校图书馆文献保障联盟下载...
云南高校图书馆联盟文献共享服务平台 版权所有©
您的IP:216.73.216.15