An access control model with task-state sensitivity is proposed to address the issue that the synchronizing granularity of authorization-flow and workflow is not fine enough in existing active access control models. Differentiated permissions are authorized to multiple roles under different states of a task instance, and a duty separation constraint is enforced. A colored Petri net simulation technique is provided and used as an analysis method. A concept model is used to optimize the data utilization in workflows; and the roles collaboration in business is fully enhanced. The simulation technique is utilized to track run-time safety states of a workflow, and to find out potential deadlocks. Feasibility of the collaboration and access control concept and the effectiveness of the analysis method are verified via a software workflow.

• 出版日期2012-12
• 单位浙江大学; 华南理工大学