In this paper, we develop a new paradigm for access control and authorization management, called task-based authorization controls (TBAC). TBAC models access controls from a task-oriented perspective than the traditional subject-object one. Access mediation now involves authorizations at various points during the completion of tasks in accordance with some application logic. By taking a taskoriented view of access control and authorizations, TBAC lays the foundation for research into a new breed of "active" security models that are required for agentbased distributed computing and workflow management.
I n thzs paper we descrabe conceptual foundattons t o address znlegraty assues an compuierzzed ziaforinataon systems f r o m the enterprzse perspectzve O u r motavatzoia f o r ihas effort stems f r o m the recognatzoii that exastzng models are formulated at too low a level of abstraclzon, t o be useful f o r modelzng organzzalzonal requarements, polacy aspects, and znternal controls, pertaanaiag to mazntenance of antegrzty an znformatton syst e m s I n partzcular, these models are przmarzly concerned wzth the zntegrzty of anternal data components wzthzn computer syslems, and thus lack the constriicis necessary to model enterprzse level zntegrzly prznciples T h e starlzng poznt zn our znvestzgatzon zs the notaoia of authorazatzon functaons and tasks assocaated tutllr buszness acizvataes carrzed out zn the enterprzse These functzons zdentafy the auihorzzaizon reqiizrements whzle the authorzzatton tasks embody Ihe concepts requzred to carry out such authorzzaizons W e belzeve a model of task-based auihorzzatzons u~zll brzdge Ihe exzstzng gap between low-level models and very hzgh level ones lookziag at ziitegrzty f r o m a purely orgaiizzataonal and soczologzcal perspectzve devozd of any darect lznks l o coiiipuierzted syslems. T h e work descrabed here as prelzinznary and conceptual an nature. but is a necessary prerequiszte for Ihe eventual developinelit of a f o r m a l model.
scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.