An Improved Task and Role-Based Access Control Model with Multi-Constraint
A combination of Task and Role-based Access Control with multi-constraint is put forward in this paper. It is designed to solve problem of access control management about collaborators in workflow system, whose difficulties lie in complex authorization and low users efficiency. It combines the tasks and roles, classifies tasks, simplifies permissions management, defines the mutually exclusive roles and binding tasks and formulates dynamic users allocation policies by establishing a users execution history table to improving the efficiency. Finally, a specific dynamic access control design is given for electric power enterprise equipment maintenance management workflow, the given example shows that the model and algorithm satisfies the principle of least permission and separation of duties and ensures the workflow system to execute tasks safely and efficiently.