Workflow refers to the automated transfer of text, information and tasks among the participants in a work process, according to a set of pre-defined rules, for a certain commercial purpose. Because a workflow separates process logic from function logic, it increases the flexibility of a system; using a workflow to automate the approval process within an enterprise may greatly improve the service processing efficiency of the enterprise. A Workflow Management System (WMS) is a software system that handles the definition and management of workflows and advances the execution of a workflow instance according to the pre-defined workflow logic.
In a real office application, a single execution of a workflow requires coordination among different roles in a plurality of different departments. The security policy of the enterprise determines which role may do which work, and which role may not do which work, during the life cycle of the workflow. The WMS therefore requires a set of access control mechanisms to ensure that each step of the workflow is undertaken and completed by the correct role.
Access control (AC) is mainly used to restrict access by illegitimate subjects to key resources, and to prevent intrusion by illegitimate users as well as damage caused by inadvertent operations of legitimate users. AC technology generally includes three elements.
Subject: the active party that initiates an access operation, usually a user or a process of the user. A subject may be a user, a user group, a terminal, a host, or an application, and the subject may access an object.
Object: the entity being accessed, which may be a byte, a field, a record, a program, a file, a processor, a memory, a network contact and so on.
Security access policy: a set of rules used to determine whether the subject is able to access the object.
There are three main traditional access control mechanisms: Discretionary Access Control (DAC), Mandatory Access Control (MAC) and Role-Based Access Control (RBAC). DAC gives users a flexible and easy way to access data, but its security is low and illegitimate users can easily bypass it to obtain access permission. MAC is more secure than DAC, but because it assigns a security level to each user and file, does not allow an individual user to determine access permission, and lets only a system administrator determine the access permission of users and files, it is not very flexible or convenient for users. The basic idea of RBAC is that the access permission granted to a user is usually determined by the role of the user in the organization: permission is granted and controlled according to that role, and the user cannot autonomously pass the permission on to others. The most distinctive feature of RBAC is that it associates access permission with the role. Different roles have different permissions. The power a user holds cannot exceed the permission required to carry out the user's work. When the responsibilities of a user change, the role assigned to the user is changed, which in turn changes the user's permission; this reduces the complexity of management and also makes it possible to describe more complex security policies.
However, all three of the above access control techniques are based on the subject-object way of thinking about access control: as long as the subject holds a specific access permission on the object, the subject may access the object. Such static authorization cannot be closely tied to the transaction processing flow in the application, so it is difficult for the system to grant and revoke permissions (or roles) in a timely and accurate manner. In practical applications, the time during which a user holds a permission is often longer than the time during which the user needs it, resulting in potential insecurity.
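The gap described above can be made concrete with a small model. The following is an added example, not part of the original text: it compares a static RBAC check with a check that also considers which step a workflow instance is waiting on, and counts the instance states in which each one lets a user act. The roles, users, the three-step expense workflow and all function names are assumptions constructed for illustration.

```python
from dataclasses import dataclass

# Constructed sample policy (assumption): role -> {(operation, object type)}.
ROLE_PERMISSIONS = {
    "applicant": {("submit", "expense_form")},
    "manager": {("approve", "expense_form")},
    "finance": {("pay", "expense_form")},
}
USER_ROLES = {"alice": {"applicant"}, "bob": {"manager"}, "carol": {"finance"}}

# Constructed workflow definition (assumption): ordered steps, one operation each.
STEPS = ["submit", "approve", "pay"]


@dataclass
class WorkflowInstance:
    obj_type: str = "expense_form"
    position: int = 0  # index of the step currently due; len(STEPS) means finished

    @property
    def current_step(self):
        return STEPS[self.position] if self.position < len(STEPS) else None


def rbac_allows(user, operation, obj_type):
    """Static subject-object check: some role of the user holds the permission."""
    return any((operation, obj_type) in ROLE_PERMISSIONS.get(role, set())
               for role in USER_ROLES.get(user, set()))


def step_aware_allows(user, operation, wf):
    """Static check, plus the instance must currently be waiting on this operation."""
    return rbac_allows(user, operation, wf.obj_type) and wf.current_step == operation


def exposure(user, operation):
    """Count instance states in which each check would let the user act."""
    static = stepwise = 0
    for position in range(len(STEPS) + 1):  # every step, then the finished state
        wf = WorkflowInstance(position=position)
        static += rbac_allows(user, operation, wf.obj_type)
        stepwise += step_aware_allows(user, operation, wf)
    return static, stepwise


if __name__ == "__main__":
    for user, op in [("bob", "approve"), ("alice", "approve")]:
        print(user, op, exposure(user, op))
```

Under the static check the manager can approve in every state of the instance, including before submission and after completion; the step-aware check narrows that to the single state in which approval is actually due.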