Page 283 - DCAP103_Principle of operating system

Principles of Operating Systems



requires identifying the user's job functions, determining the minimum set of privileges required to perform those functions, and restricting the user to a domain with those privileges and nothing more. In less precisely controlled systems, least privilege is often difficult or costly to achieve because it is hard to tailor access to the various attributes or constraints involved. Role hierarchies can be established to reflect the natural structure of an enterprise. A role hierarchy defines roles that have unique attributes and that may contain other roles; that is, one role may implicitly include the operations associated with another role.

8.3.7 Temporal Constraints

Temporal constraints are formal statements of access policies that impose time-based restrictions on access to resources; several application scenarios require them. In some applications they limit resource use; in others they control time-sensitive activities. During workflow execution it is the time-based constraints (together with other constraints, such as workflow precedence relationships) that must be evaluated to generate dynamic authorizations. Temporal constraints may also be required in non-workflow environments. For example, in a commercial bank an employee should be able to assume the role of a teller (to perform transactions on customer accounts) only during designated banking hours (such as 9 a.m. to 2 p.m., Monday through Friday, and 9 a.m. to 12 p.m. on Saturday). To meet this requirement, temporal constraints must be specified that limit the availability of the role, and the ability to activate it, to those designated banking hours.
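The following Python sketch is an added example, not code from the text or from any access control product. It puts the two ideas above together: a role hierarchy in which a senior role implicitly includes the operations of the roles it contains, and the banking-hours temporal constraint that limits when the teller role is available. The bank roles, permission pairs, user assignments and the two time windows are constructed assumptions; the check deliberately keeps an inherited permission bound by the junior role's own windows, so a branch manager can perform teller operations only during banking hours even though the manager role itself has no time restriction.

```python
"""Role hierarchy with temporal role-activation constraints (added example).

Assumptions: the bank roles, permissions, users and the two banking-hours
windows below are constructed for illustration; they are not from the text.
"""
from dataclasses import dataclass
from datetime import datetime, time

# Role hierarchy: a role implicitly includes the operations of every role it
# contains, transitively (branch_manager > teller > employee).
ROLE_CONTAINS = {
    "branch_manager": {"teller"},
    "teller": {"employee"},
    "employee": set(),
}

# Operations assigned directly to each role, as (operation, object) pairs.
ROLE_PERMS = {
    "employee": {("read", "branch_notices")},
    "teller": {("debit", "customer_account"), ("credit", "customer_account")},
    "branch_manager": {("approve", "large_withdrawal")},
}

# Assumed user-to-role assignments.
USER_ROLES = {"alice": {"teller"}, "bob": {"branch_manager"}}


@dataclass(frozen=True)
class Window:
    """A recurring availability window; weekday() is 0 for Monday .. 6 for Sunday."""
    weekdays: frozenset
    start: time
    end: time

    def contains(self, when):
        return when.weekday() in self.weekdays and self.start <= when.time() < self.end


# Temporal constraints: the teller role can be activated only in banking hours
# (9 a.m. to 2 p.m. Mon-Fri, 9 a.m. to 12 p.m. Sat).  Roles absent from this
# table carry no time restriction.
ROLE_WINDOWS = {
    "teller": [
        Window(frozenset(range(0, 5)), time(9, 0), time(14, 0)),
        Window(frozenset({5}), time(9, 0), time(12, 0)),
    ],
}


def effective_roles(role):
    """Transitive closure of the hierarchy: `role` plus every role it contains."""
    seen, stack = set(), [role]
    while stack:
        r = stack.pop()
        if r not in seen:
            seen.add(r)
            stack.extend(ROLE_CONTAINS.get(r, ()))
    return seen


def role_available(role, when):
    """True if `role` has no temporal constraint or `when` falls in one of its windows."""
    windows = ROLE_WINDOWS.get(role)
    return windows is None or any(w.contains(when) for w in windows)


def active_permissions(role, when):
    """Permissions usable through `role` at time `when`.  A permission inherited
    from a junior role stays bound by that junior role's own windows, so a
    manager can only perform teller operations during banking hours."""
    perms = set()
    for r in effective_roles(role):
        if role_available(r, when):
            perms |= ROLE_PERMS.get(r, set())
    return perms


def authorize(user, role, op, obj, when):
    """Dynamic authorization: the user must hold `role`, the role must be
    activatable at `when`, and (op, obj) must be reachable through it."""
    if role not in USER_ROLES.get(user, set()):
        return False
    if not role_available(role, when):
        return False
    return (op, obj) in active_permissions(role, when)


def ts(iso):
    """Parse an ISO-8601 timestamp such as '2024-01-08T10:00' (a Monday)."""
    return datetime.fromisoformat(iso)


if __name__ == "__main__":
    for w in ("2024-01-08T10:00", "2024-01-08T15:00", "2024-01-13T11:00", "2024-01-14T10:00"):
        print(w, authorize("alice", "teller", "debit", "customer_account", ts(w)))
```

The decision is made at request time from the clock, so role availability changes without any change to the static user-role or role-permission tables; a production enforcement point would additionally take the time from a trusted source rather than from the caller.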

The most common access control policies involving temporal constraints are the history-based access control policies. They are not supported by any standard access control mechanism, but they have practical application in many business operations, such as task transactions and the separation of conflicts of interest. History-based access control is defined in terms of subjects and events, where the events of the system are the object access operations associated with activity at a particular security level. The security policy is therefore defined over the sequence of events over time, and it decides which events of the system are permitted so that information does not "flow" in an unauthorized manner. Two widely used history-based access control policies are Workflow and Chinese Wall, which are described below.

8.3.8 Workflow

Based on the definition provided by the Workflow Management Coalition (WFMC), an international organization of workflow vendors, users, and research groups, a workflow is a representation of an organizational or business process in which "documents, information, or tasks are passed from one participant to another in such a way that is governed by rules or procedures." A workflow separates the various activities of a given organizational process into a set of well-defined tasks. Typically, then, a workflow (often synonymous with a process) is specified as a set of tasks and a set of dependencies among them, and the sequencing of these tasks matters. The tasks in a workflow are usually carried out by several users in accordance with the organizational rules relevant to the process the workflow represents.

Representing a business process as a workflow involves a number of organizational rules or policies. An important class of these is the organization's security policies. Within the security policies, access control policies play a key role, and so defining and enforcing access control requirements becomes a key function of a Workflow Management System (WFMS).
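The Python sketch below is an added example, not code from the text and not the code of any WFMS. It illustrates both the history-based policies described in 8.3.7 and the workflow definition above: the process is a set of tasks with precedence dependencies, and each authorization is decided at execution time from the ordered history of (task, user) events rather than from a static table alone. The loan-approval tasks, the roles, and the users are constructed assumptions; the "not the same user as" rule is the separation-of-conflicts-of-interest case, in which a user who performed one task in the instance is refused a later, conflicting task even though their role would otherwise allow it.

```python
"""Workflow tasks with precedence dependencies and history-based authorization
(added example).

Assumptions: the loan-approval tasks, roles and users below are constructed for
illustration and are not from the text or from any WFMS product.
"""
from dataclasses import dataclass


@dataclass(frozen=True)
class Task:
    name: str
    role: str                     # role whose members may perform the task
    after: tuple = ()             # precedence: these tasks must already be done
    not_same_user_as: tuple = ()  # history-based separation of duty


# A four-task process: prepare -> review -> approve -> disburse.
WORKFLOW = {
    "prepare": Task("prepare", "clerk"),
    "review": Task("review", "officer", after=("prepare",),
                   not_same_user_as=("prepare",)),
    "approve": Task("approve", "manager", after=("review",),
                    not_same_user_as=("prepare", "review")),
    "disburse": Task("disburse", "clerk", after=("approve",)),
}

# Assumed user-to-role assignments.
USER_ROLES = {
    "ann": {"clerk"},
    "ben": {"clerk", "officer"},
    "cara": {"officer", "manager"},
    "dan": {"manager"},
}


class WorkflowInstance:
    """One running instance of a workflow.  Authorization is decided from the
    ordered history of (task, user) events, not from the static tables alone."""

    def __init__(self, workflow, user_roles):
        self.workflow = workflow
        self.user_roles = user_roles
        self.history = []  # ordered (task_name, user) events

    def performer_of(self, task_name):
        """User who completed `task_name` in this instance, or None."""
        for done, user in self.history:
            if done == task_name:
                return user
        return None

    def authorize(self, user, task_name):
        task = self.workflow.get(task_name)
        if task is None or task.role not in self.user_roles.get(user, set()):
            return False                                   # static RBAC check
        if self.performer_of(task_name) is not None:
            return False                                   # each task runs once
        if any(self.performer_of(t) is None for t in task.after):
            return False                                   # precedence not met
        if any(self.performer_of(t) == user for t in task.not_same_user_as):
            return False                                   # conflict of interest
        return True

    def perform(self, user, task_name):
        """Record the event only if the history-based policy permits it."""
        if not self.authorize(user, task_name):
            return False
        self.history.append((task_name, user))
        return True


def run_loan_scenario():
    """Drive one instance through the process; returns (user, task, accepted)."""
    wf = WorkflowInstance(WORKFLOW, USER_ROLES)
    attempts = [("ben", "review"),    # rejected: prepare not yet done
                ("ben", "prepare"),
                ("ben", "review"),    # rejected: ben prepared it himself
                ("cara", "review"),
                ("cara", "approve"),  # rejected: cara reviewed it herself
                ("dan", "approve"),
                ("ann", "disburse"),
                ("ann", "disburse")]  # rejected: already done
    return [(u, t, wf.perform(u, t)) for u, t in attempts]


if __name__ == "__main__":
    for user, task, accepted in run_loan_scenario():
        print(f"{user:5} {task:9} {'allowed' if accepted else 'denied'}")
```

Because the history is part of the policy input, the same user with the same roles gets different answers in different instances; an implementation must therefore protect the event log as carefully as the role tables, since tampering with it changes authorization decisions.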
Figure 8.2 presents a schematic diagram of the overall architecture of a WFMS, which consists of two main components: design-time and run-time. The design-time component consists of a set of tools (called the process definition tools) that are used for defining and modeling the


        276                               LOVELY PROFESSIONAL UNIVERSITY