A Secure Framework for Dynamic Task Delegation in Workflow Management Systems

Khaled Gaaloul 1
1 SCORE - Services and Cooperation
Inria Nancy - Grand Est, LORIA - NSS - Department of Networks, Systems and Services
Abstract : Task delegation presents one of the business process security leitmotifs. We currently observe a move away from predefined strict workflow modelling towards dynamic approaches supporting flexibility on the organisational level and dynamic authorisation on the security level. One specific approach is that of task delegation. Delegation defines a mechanism that bridges the gap between both workflow and access control systems. There are two important issues relating to delegation, namely allowing task delegation to complete, and having a secure delegation within a workflow. Delegation completion and authorisation enforcement are specified under specific constraints. Constraints are defined from the delegation context implying the presence of a fixed set of delegation events to control the delegation execution. In this dissertation, we aim to reason about delegation events to model task delegation and to specify delegation policies dynamically. To that end, we present an event-based task delegation model to monitor the delegation process. We then identify relevant events for authorisation enforcement to specify delegation policies. Subsequently, we propose a task-oriented access control model to address these requirements. Using our access control model, we analyse and specify delegation constraints into authorisation policies. Moreover, we propose a technique that automates delegation policies using event calculus to control the delegation execution and to increase the compliance of all delegation changes in the existing policy of the workflow.
Complete list of metadatas

Cited literature [110 references]  Display  Hide  Download

Contributor : Khaled Gaaloul <>
Submitted on : Friday, December 3, 2010 - 5:05:13 PM
Last modification on : Tuesday, December 18, 2018 - 4:26:01 PM
Long-term archiving on: Friday, March 4, 2011 - 4:00:35 AM


  • HAL Id : tel-01746351, version 2


Khaled Gaaloul. A Secure Framework for Dynamic Task Delegation in Workflow Management Systems. Computer Science [cs]. Université Henri Poincaré - Nancy I, 2010. English. ⟨NNT : 2010NAN10058⟩. ⟨tel-01746351v2⟩



Record views


Files downloads