**An Algebraic Approach to the Analysis of Constrained Workflow Systems.** / Crampton, J.

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

Published

**An Algebraic Approach to the Analysis of Constrained Workflow Systems.** / Crampton, J.

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

Crampton, J 2004, An Algebraic Approach to the Analysis of Constrained Workflow Systems. in *Proceedings of 3rd Workshop on Foundations of Computer Security (FCS'04).* pp. 61-74.

Crampton, J. (2004). An Algebraic Approach to the Analysis of Constrained Workflow Systems. In *Proceedings of 3rd Workshop on Foundations of Computer Security (FCS'04) *(pp. 61-74)

Crampton J. An Algebraic Approach to the Analysis of Constrained Workflow Systems. In Proceedings of 3rd Workshop on Foundations of Computer Security (FCS'04). 2004. p. 61-74

@inproceedings{e766d42bc2b94933905ab88731f2a1ac,

title = "An Algebraic Approach to the Analysis of Constrained Workflow Systems",

abstract = "The enforcement of authorization constraints such as separation of duty in workflow systems is an important area of current research in computer security. We briefly summarize our model for constrained workflow systems and develop a systematic algebraic method for combining constraints and authorization information. We then show how the closure of a set of constraints and the use of linear extensions can be used to develop an algorithm for computing authorized users in a constrained workflow system. We show how this algorithm can be used as the basis for a reference monitor. We discuss the computational complexity of implementing such a reference monitor and briefly compare our methods with the best existing approach.",

author = "J. Crampton",

year = "2004",

language = "English",

pages = "61--74",

booktitle = "Proceedings of 3rd Workshop on Foundations of Computer Security (FCS'04)",

}

TY - GEN

T1 - An Algebraic Approach to the Analysis of Constrained Workflow Systems

AU - Crampton, J.

PY - 2004

Y1 - 2004

N2 - The enforcement of authorization constraints such as separation of duty in workflow systems is an important area of current research in computer security. We briefly summarize our model for constrained workflow systems and develop a systematic algebraic method for combining constraints and authorization information. We then show how the closure of a set of constraints and the use of linear extensions can be used to develop an algorithm for computing authorized users in a constrained workflow system. We show how this algorithm can be used as the basis for a reference monitor. We discuss the computational complexity of implementing such a reference monitor and briefly compare our methods with the best existing approach.

AB - The enforcement of authorization constraints such as separation of duty in workflow systems is an important area of current research in computer security. We briefly summarize our model for constrained workflow systems and develop a systematic algebraic method for combining constraints and authorization information. We then show how the closure of a set of constraints and the use of linear extensions can be used to develop an algorithm for computing authorized users in a constrained workflow system. We show how this algorithm can be used as the basis for a reference monitor. We discuss the computational complexity of implementing such a reference monitor and briefly compare our methods with the best existing approach.

M3 - Conference contribution

SP - 61

EP - 74

BT - Proceedings of 3rd Workshop on Foundations of Computer Security (FCS'04)

ER -