15th Annual Computer Security Applications Conference
December 6-10, 1999
Phoenix, Arizona

Napoleon: A recipe for workflow

C. Payne, cpayne@securecomputing.com
D. Thomsen
J. Bogle
R. O'Brien

Secure Computing Corporation
2675 Long Lake Road
Roseville, MN 55113

Keywords: workflow, role-based access control, security policy, distributed system security

This paper argues that Napoleon, a flexible, role-based access control (RBAC) modeling environment, is also a practical solution for enforcing business process control, or workflow, policies. Napoleon provides two important benefits for workflow: simplified policy management and support for heterogeneous, distributed systems. We discuss our strategy for modeling workflow in Napoleon, and we present an architecture that incorporates Napoleon into a workflow management system.