| In the information system of smart distribution grid, many business processes are typically required to work together, these businesses require multi-department and people to work together in strict accordance with predetermined operating procedures and constraint specifications. Workflow technology which is process-oriented and can handle unstructured information using a collaborative work mechanism, can accurately and efficiently achieve safety management information system automation. However, the security issues can not be ignored, the use of access control model for collaborative staff to manage access control, and both to ensure the smooth implementation of the authorized user to perform tasks and to ensure that prohibit unauthorized users to perform tasks. If the permissions are mismanaged, it may result in data being stolen or tampered by unauthorized users, thus affecting the normal operation of the system. At this background, the paper launches a study to solve the problem.Firstly, for the characteristics of workflow information system in smart distribution grid, based on the existing model, this paper proposes task and role-based with multi-constraint access control model. The new model classifies tasks and redefines role hierarchy, at the same time, it designs a variety of authorization constraints such as binding tasks and establishs user execution history lists. All these are designed for the administrator of system to control the role assignment and a complete workflow implementation.Secondly, focus on secure access requirements to the actual business workflow information systems in smart distribution grid, this paper provides the access control system design principles and design framework. Based on the original separation of duties verification algorithm and combining multiple authorization constraints, this paper designes static-dynamic separation of duties algorithms.Finally, do example tests and analysis to prove the model. For the maintenance work ticket management system in smart distribution grid, by analyzing the actual business processes, this paper provides the access control system security policies and implementation policies, the static-dynamic separation of duty algorithm is carried out to verify separation of duties for the user application. At last, the dynamic authorization and least permission analysis are given, which show the model is applied in the smart distribution grid workflow system with feasibility. |
PDF Full Text Request