Konstantin Knorr
University of Zurich
Switzerland

Access control is an important protection mechanism for information systems. An access control matrix grants subjects privileges to objects. Today, access control matrices are static, they rarely change during time. This paper shows how to make access control matrices dynamic by means of workflows. Access rights are granted according to the state of the workflow. By this practice the risk of data misuse is decreased which is proven through an equation given in the paper. The concept of workflow is defined by Petri nets which offer a solid mathematical foundation and are well suited to represent discrete models like workflows.

Keywords: access control, workflow, Petri net

Read Paper (in PDF)