An Access Control Model of Workflow System Integrating RBAC and TBAC

  • Xiangning Zhou
  • Zhaolong Wang
Part of the IFIP International Federation for Information Processing book series (IFIPAICT, volume 252)


Basing on the integration of two models, RBAC and TBAC, an access control model called Role-Task Based Access Control (R&TBAC) is given, which takes two parts as combining sites, one is the role and trustee, the other is the role permission assignment and trustee permissions. A set of fundamental conceptions, a series of authorization processes, a formalized description and some modeling tools about this model are given. This model has both intuitionistic and dynamic characteristics. It also has some other advantages, such as economical for memory space, convenient to maintain and control etc.


Access Control Model Access Permission Trustee Permission Role Hierarchy RBAC Model 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.


  1. 1.
    R.S. Sandhu, E.J. Coyne and H.L. Feinstein, et al. Role Based Access Control Models. IEEE Computer, 29(2), 38–47 (1996)CrossRefGoogle Scholar
  2. 2.
    S. Kandala and R. Sandhu, Secure Role-based workflow Models. Proc of the 15th IFIP WG 11.3 Working Comference on Database Security. Niagara, Ontario, Canda, Kluwer Academic Publishers (2002).Google Scholar
  3. 3.
    X.M. Wang, Z.T. Zhao and K.G. Hao, “A Weighted Role and Periodic Time Access Control Model of WorkFlow System”. Journal of Software, 14(11), 1841–1848 (2003).MATHGoogle Scholar
  4. 4.
    R.K. Thomas and R.S. Sandhu, Towards a task-based paradigm for flexible and adaptable access control in distributed applications. Proc of the 1992–1993 CM SIGSAC New security Paradigms Workshops. Little Compton, Rhode Island, US: ACM Press (1993).Google Scholar
  5. 5.
    R.K. Thomas and R.S. Sandhu, Conceptual Foundations for a Model of Task-based Authorizations, Proc of the 7th IEEE Computer Security Foundations Workshop. Franconia NH: IEEE Com, 66–79 (1994).Google Scholar
  6. 6.
    J.B. Deng and F. Hong, “Task-Based Access Control Model”, Journal of Software, 14(01), 0076–0082 (2003).MATHGoogle Scholar

Copyright information

© IFIP International Federation for Information Processing 2007

Authors and Affiliations

  • Xiangning Zhou
    • 1
  • Zhaolong Wang
    • 2
  1. 1.School of Information and Electronic EngineeringShanDong Institute of Business and TechnologyYantaiChina
  2. 2.Network Center YanTai UniversityYantaiChina

Personalised recommendations