An Algebraic Approach to the Analysis of Constrained Workflow Systems. / Crampton, J.

Proceedings of 3rd Workshop on Foundations of Computer Security (FCS'04). 2004. p. 61-74.

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Published

Abstract

The enforcement of authorization constraints such as separation of duty in workflow systems is an important area of current research in computer security. We briefly summarize our model for constrained workflow systems and develop a systematic algebraic method for combining constraints and authorization information. We then show how the closure of a set of constraints and the use of linear extensions can be used to develop an algorithm for computing authorized users in a constrained workflow system. We show how this algorithm can be used as the basis for a reference monitor. We discuss the computational complexity of implementing such a reference monitor and briefly compare our methods with the best existing approach.
Original languageEnglish
Title of host publicationProceedings of 3rd Workshop on Foundations of Computer Security (FCS'04)
Pages61-74
Number of pages14
Publication statusPublished - 2004

ID: 1274987