An Authorization Model for Work Blockinows ?

Work ows represent processes in manufacturing and o ce environments that typically consist of several well-de ned activities (known as tasks). To ensure that these tasks are executed by authorized users or processes (subjects), proper authorization mechanisms must be in place. Moreover, to make sure that authorized subjects gain access on the required objects only during the execution of the speci c task, granting and revoking of privileges need to be synchronized with the progression of the work ow. A prede ned speci cation of the privileges often allows access for more than the time required, thus, though a subject completes the task or have not yet begun the task, it may still possess privileges to access the objects, resulting in compromising security. In this paper, we propose a Work ow Authorization Model (WAM) that is capable of specifying authorizations in such a way that subjects gain access to required objects only during the execution of the task, thus synchronizing the authorization ow with the work ow. To achieve this synchronization, we associate an Authorization Template (AT) with each task, which allows appropriate authorizations to be granted only when the task starts and to revoke them when the task nishes. In this paper, we also present a model of implementation based on Petri nets and show how this synchronization can be implemented. Because the theoretical aspects of Petri nets have been extensively studied and due to their strong mathematical foundation, a Petri net representation of an authorization model serves as a good tool for conducting safety analysis since the safety problem in the authorization model is equivalent to the reachability problem in Petri nets.