A Research Of RBAC Model Based On BPM

Business process management is a kind of system which is only used in dealing with processed businesses in information managing system,with the rapid development of information technology in enterprises,business process management(BPM)is gradually get more and more concerned.However,a safe access control technology method which acts as an important mechanism in order to ensure the system safety in business process management,it gets more and more extensive research.Due to the more and more complexity and the continuous changes in business process requirements in our society,the traditional access control technologies can't completely satisfy the demand of flexibility in business process management system.After analyzing the advantages and shortcomings of traditional discretionary access control(DAC),mandatory access control(MAC),role based access control(RBAC)and task based access control(TBAC)model which are applied in business process management,this dissertation come up with a new dimension and organization RBAC model,this model is based on RBAC model and TBAC model,bringing in personal dimension,organization,position,duty and so on and the relationship between those organization and role,subordinate and supervisor,organization and task,the task authorized are all described by role-based constrains 2000 of formal language,system functions and constraint rule expressions.In addition,this essay analysis three authorization modes,there are static authorization,dynamic authorization and proxy authorization,then come up with the detecting algorithms description in the circuit and conflicts problem in role hierarchy respectively.Finally,on the basis of the business process prototype system used open Activiti workflow engine technology,combining with the proposed new dimension and organization RBAC model,the expanding prototype system is given.The personal organization sub-system is developed,with the user and organization applying in the user setting in task nodes in business process,process authority and process proxy authority,verifying this DO-RBAC model is practical for applications under certain circumstances.