IBM Systems Journal  
Volume 40, Number 3, 2001
End-to-End Security

Separation of duties for access control enforcement in workflow environments - References

by R. A. Botha and J. H. P. Eloff

Cited references and note

  1. F. E. Allen, “Turning Points in Interaction with Computers,” IBM Systems Journal 38, Nos. 2&3, 135–138 (1999).
  2. D. Hollingsworth, The Workflow Reference Model, WFMC-TC 1003, Issue 1.1, Workflow Management Coalition (January 1995); available from www.wfmc.org.
  3. Information Processing Systems—Open Systems Interconnection—Basic Reference Model—Part 2: Security Architecture, ISO 7498-2, International Organization for Standardization (1989).
  4. F. Leymann and D. Roller, Production Workflow: Concepts and Techniques, Prentice Hall, Upper Saddle River, NJ (2000).
  5. The Workflow Management Coalition refers to activities but recognizes tasks as a synonym. See Terminology & Glossary, WFMC-TC1011, Issue 2.0, Workflow Management Coalition (June 1996); available from www.wfmc.org.
  6. E. Bertino, E. Ferrari, and V. Atluri, “Specification and Enforcement of Authorization Constraints in Workflow Management Systems,” ACM Transactions on Information and System Security, 65–104 (February 1999).
  7. J. Barkley, Workflow Management Employing Role-Based Access Control, U.S. Patent No. 6,088,679 (July 11, 2000).
  8. M. H. Kang, J. S. Park, and J. N. Froscher, “Access Control Mechanisms for Inter-Organizational Workflow,” Proceedings of the 6th ACM Symposium on Access Control Models and Technologies SACMAT 2001, Chantilly, VA (May 3–4, 2001), pp. 66–74.
  9. G.-J. Ahn, R. S. Sandhu, M. Kang, and J. Park, “Injecting RBAC to Secure a Web-Based Workflow System,” Proceedings of the 5th ACM Workshop on Role-Based Access Control, Berlin (July 26–28, 2000).
  10. R. S. Sandhu, E. J. Coyne, H. L. Feinstein, and C. E. Youman, “Role-Based Access Control Models,” Computer 29, No. 2, 38–47 (February 1996).
  11. J. H. Saltzer and M. D. Schroeder, “The Protection of Information in Computer Systems,” Proceedings of the IEEE 63, No. 9, 1278–1308 (1975).
  12. D. D. Clark and D. R. Wilson, “A Comparison of Commercial and Military Computer Security Policies,” Proceedings of IEEE Symposium on Security and Privacy (April 1987), pp. 184–194.
  13. R. Sandhu, “Transaction Control Expressions for Separation of Duties,” Proceedings of the 4th Aerospace Computer Security Conference (December 1988), pp. 282–286.
  14. R. Sandhu, “Separation of Duties in Computerized Information Systems,” Proceedings of IFIP WG11.3 Workshop on Database Security (September 1990).
  15. M. J. Nash and K. R. Poland, “Some Conundrums Concerning Separation of Duty,” Proceedings of the 1990 IEEE Symposium on Security and Privacy (May 1990), pp. 201–207.
  16. D. Ferraiolo, J. Cugini, and D. R. Kuhn, “Role-Based Access Control (RBAC): Features and Motivations,” Proceedings of the 1995 Computer Security Applications Conference (December 1995), pp. 241–248.
  17. R. Simon and M. E. Zurko, “Separation of Duty in Role-Based Environments,” Proceedings of the 10th Computer Security Foundation Workshop, Rockport, MA (June 10–12, 1997), pp. 183–194.
  18. D. R. Kuhn, “Mutual Exclusion of Roles as a Means of Implementing Separation of Duty in Role-Based Access Control Systems,” Proceedings of the 2nd ACM Workshop on Role-Based Access Control, Fairfax, VA (October 1997), pp. 23–30.
  19. V. D. Gligor, S. I. Gavrila, and D. Ferraiolo, “On the Formal Definition of Separation of Duty Policies and Their Composition,” Proceedings of the IEEE Symposium on Security and Privacy, Oakland, CA (May 3–6, 1998), pp. 172–183.
  20. M. Nyanchama and S. Osborn, “The Role-Graph Model and Conflict of Interest,” ACM Transactions on Information and System Security 2, No. 1, 3–33 (February 1999).
  21. G.-J. Ahn and R. S. Sandhu, “The RSL99 Language for Role-Based Separation of Duty Constraints,” Proceedings of the 4th ACM Workshop on Role-Based Access Control, Fairfax, VA (October 28–29, 1999), pp. 43–54.
  22. R. K. Thomas and R. S. Sandhu, “Towards a Task-Based Paradigm for Flexible and Adaptable Access Control in Distributed Applications,” Proceedings of the 1992–1993 ACM SIGSAC New Security Paradigms Workshop, Little Compton, RI (1993), pp. 138–142.
  23. R. K. Thomas and R. S. Sandhu, “Conceptual Foundations for a Model of Task-Based Authorizations,” Proceedings of the IEEE Computer Security Foundations Workshop, New Hampshire, IEEE Press (1994).
  24. R. K. Thomas and R. S. Sandhu, “Task-Based Authorization Controls (TBAC): A Family of Models for Active and Enterprise-Oriented Authorization Management,” Database Security, XI: Status and Prospects, T. Y. Lin and S. Qian, Editors, Chapman and Hall, London (1997), pp. 166–181.
  25. S. Oh and S. Park, “Task-Role Based Access Control (T-RBAC): An Improved Access Control Model for Enterprise Environment,” Proceedings of the 11th International Conference on Database and Expert Systems Applications, DEXA 2000 (2000), pp. 264–273.
  26. S. Perelson and R. A. Botha, “Conflict Analysis as a Means of Enforcing Static Separation of Duty Requirements in Workflow Environments,” South African Computer Journal, No. 26, 212–216 (November 2000).
  27. V. Atluri and W-K. Huang, “An Authorization Model for Workflows,” Proceedings of the Fifth European Symposium on Research in Computer Security, Rome, Italy, and Lecture Notes in Computer Science, No. 1146, Springer-Verlag, Berlin (September 1996), pp. 44–64.
  28. D. Cholewka, R. A. Botha, and J. H. P. Eloff, “A Context-Sensitive Access Control Model and Prototype Implementation,” Proceedings of the IFIP TC11 15th International Conference on Information Security (SEC2000), Beijing, China (2000), pp. 341–350.
  29. N. W. Paton and O. Díaz, “Active Database Systems,” Computing Surveys 31, No. 1, 63–103 (March 1999).
  30. C. Petrie and S. Sarin, “Beyond Documents: Sharing Work,” IEEE Internet Computing, 34–36 (May–June 2000).