Authorization Model for Strongly Distributed Information Systems

The title of the thesis contains words strongly distributed systems1. This means information systems that are able to process tasks that may be distributed not only in space, but also in time. What we are going to discuss are problems related to processing tasks with long time durability those processing is performed in multiple information systems with their own administration. More and more often we can hear about Workflow management systems (WfMS) that are used to automate business activities. Those information systems are typical systems with the above mentioned properties and the thesis uses both terms as synonyms. Today, WfMS represent an important, inter-disciplinary area which is commercially significant. The widespread use of workflow applications has lead to increased awareness of data security issues. This dissertation identifies levels of access control and authorization requirements. Specifies discretionary and mandatory access controls for the workflow systems and proposes suitable security model. The thesis proposes a formal framework, based on process algebra Calculus of Communicating Systems (CCS), for modeling and analyzing of security properties of WfMS. The specific contributions of the thesis are as follows: 1. Active authorization model (AAM) is proposed. The model provides basic features necessary for synchronization of authorization flow with 1The notion strongly distributed system is used throughout this thesis for systems that are distributed in space (there are several autonomous nodes that communicate) and that are able to execute computational tasks that have long lifetime and that may be executed on several autonomous nodes