: In this paper we introduce a series of reference models for Secure Role-Based Workflow systems. We build our models over the well-known RBAC96 framework. 96 model supports the notion of abstract permissions. The nature of permissions is highly dependent upon the implementation details of the system, so we interpret the permissions for a Workflow system in terms of its components such as tasks, instances of the tasks and operations on them like execute, commit, abort etc. With this interpretation, we show that most of the components of RBAC96 still remain intact. The only components that change are the nature of permissions and their assignment to roles. The models are developed using the recently introduced four-layer OM -AM framework (comprising objective, model, architecture and mechanism layers). In this paper, we focus on the top two layers of OM-AM. We systematically describe our security objectives and construct our models to address these objectives. We also formally describe ...
Savith Kandala, Ravi S. Sandhu