基于图的工作流访问控制模型

• 论文 •

基于图的工作流访问控制模型

魏永合，王成恩，罗小川

1.沈阳理工大学机械工程学院，辽宁沈阳110168；2.东北大学教育部流程工业综合自动化重点实验室，辽宁沈阳110004

出版日期:2009-05-15 发布日期:2009-05-25

Access control model based on graph for workflow

WEI Yong-he, WANG Cheng-en, LUO Xiao-chuan

1.School of Mechanical Engineering, Shenyang Ligong University, Shenyang 110168, China;2.Ministry of Education Key Lab for Process Institute Automation, Northeastern University, Shenyang 110004, China

Online:2009-05-15 Published:2009-05-25

摘要/Abstract

摘要： 为了直观和准确地描述工作流访问控制，提出了一个基于图的工作流访问控制模型。使用图和图变换对模型进行形式化描述，并给出了模型应用的相关算法。在该模型中，使用类型图表示访问控制中各元素的类型信息，使用带变量规则表示系统授权状态转换，使用肯定、否定约束限制图结构，并建立了基于图的工作流访问控制授权约束和图变换规则模板。提出了基于图变换的约束一致性验证算法和使用图终止性对授权合理性验证的方法。最后，通过一个实例对模型进行了验证。

关键词: 图, 图变换, 访问控制

Abstract: To provide a direct and precise description for workflow access control, an access control model for workflow systems was developed based on graph and graph transformation. The model was represented by using graph which provided a formal basis for proving the semantic correctness of the model. The model was formally described by graph and graph transformation and relevant algorithms to the model were also presented. In this model, a type of graph was specified to represent the type information of elements in the graph transformation for workflow access control, a set of rules with variable were used to express the transformation of system authorization status and a series of positive and negative constraints were set up to depict wanted and unwanted framework in authorization graph. The graph based authorization constraints of access control in workflow and template of graph transformation rules were also set up. The verification algorithm of constraints consistency was proposed. And the method by using termination to verify access control rationality was also presented. Finally, an application example was provided to verify the feasibility of the model.

Key words: graph, graph transformation, access control, workflow

中图分类号:

TP309

魏永合,,王成恩，罗小川. 基于图的工作流访问控制模型[J]. .

WEI Yong-he,, WANG Cheng-en, LUO Xiao-chuan. Access control model based on graph for workflow[J]. .

[1]	张力雯,方贤文,邵叱风,王丽丽. 基于行为校验与偏差组合的过程模型修复[J]. 计算机集成制造系统, 2021, 27(9): 2625-2635.
[2]	郭松,范存群. 基于重要度理论的图像识别方法[J]. 计算机集成制造系统, 2021, 27(9): 2736-2740.
[3]	满君丰,赵龙乾,彭成,李倩倩. 云边协同计算架构下大规模工厂接入的任务调度[J]. 计算机集成制造系统, 2021, 27(8): 2282-2294.
[4]	欧一鸣,苏雍贺,靳健,倪玮晨,陶飞. 基于知识图谱的分布式光伏运维方案匹配方法[J]. 计算机集成制造系统, 2021, 27(7): 1860-1870.
[5]	陈治宇,鲍劲松,郑小虎,丁司懿,刘天元. 基于长短期记忆网络的装配工艺语义识别方法[J]. 计算机集成制造系统, 2021, 27(6): 1582-1593.
[6]	张昊鹏,郭宇,汤鹏洲,黄少华,刘道元,李晗. 基于图像匹配的增强现实装配系统跟踪注册方法[J]. 计算机集成制造系统, 2021, 27(5): 1281-1291.
[7]	李进宇,王秋莲,张炎. 基于递归分析的混流生产模式机械加工过程能效分析和状态监测[J]. 计算机集成制造系统, 2021, 27(5): 1341-1350.
[8]	娄宁,习俊通. 基于光刀图像的机器人示教纠偏方法[J]. 计算机集成制造系统, 2021, 27(3): 683-691.
[9]	刘庭煜,洪庆,孙毅锋,刘洋,杜小东,刘晓军,宋豪杰. 基于图卷积网络的数字孪生车间生产行为识别方法[J]. 计算机集成制造系统, 2021, 27(2): 501-509.
[10]	何援军. 国产CAD软件重启之路[J]. 计算机集成制造系统, 2021, 27(11): 3057-3075.
[11]	林俊义,张举,李龙喜,肖棋,江开勇. 融合深度图像与密度聚类的下一最佳测量位姿确定方法[J]. 计算机集成制造系统, 2021, 27(11): 3138-3147.
[12]	刘雪红,段程,王磊. 基于改进候鸟算法的柔性作业车间分批调度问题[J]. 计算机集成制造系统, 2021, 27(11): 3185-3195.
[13]	李鑫,廖凯文,陈薇,张晓庆. 多自动导引车路径规划的时空冲突约束A*算法[J]. 计算机集成制造系统, 2021, 27(11): 3219-3226.
[14]	史进程,郭洪飞,张儒,姜浩,邹政伟,屈挺,许春宇,陈敏诗,何智慧,李从东,黄国全. 基于知识图谱的物联网研究文献计量分析[J]. 计算机集成制造系统, 2021, 27(1): 229-239.
[15]	郭洪飞,陈敏诗,张瑜,屈挺,李键坷,张皓. 基于价值流图及仿真技术的驾驶室焊装生产线改善[J]. 计算机集成制造系统, 2020, 26(第4): 920-929.