A Uniform Model for Authorization and Access Control in Enterprise Information Platform

摘要

Enterprise information platform (EIP) is an enterprise model-based platform, aiming at model-driven enterprise design, analysis and evaluation. Its one role is to build up a framework for the easy integration of different systems representing the processes, structures, activities, goals and information, etc of businesses, governments or other enterprises. The topic of this paper is not data integration or application integration of EIP, but integration of authorization. This paper focuses on integration of authorizations of workflow management system and resource management system of EIP. Workflow management and resource management of current EIPs usually have their own models of authorization and access control. This type of separate authorization and access control mechanism causes many security problems. Previous studies focus on each authorization system individually, but the integration of them has hardly been deeply discussed. Here the paper presents a unified authorization and access control model, so as to represent the privileges authorized by different systems in the same format, and to avoid conflicts and other security problems as the consequence.