(3.237.20.246) 您好!臺灣時間:2021/04/14 10:31
字體大小: 字級放大   字級縮小   預設字形  
回查詢結果

詳目顯示:::

我願授權國圖
: 
twitterline
研究生:朱柏榮
研究生(外文):Jhu, Bo-Rong
論文名稱:改良以角色為基礎的存取控制於跨組織工作流程
論文名稱(外文):Enhanced Role-Based Access Control for Inter-Organizational Workflow
指導教授:吳美玉吳美玉引用關係
指導教授(外文):Mei-Yu Wu
學位類別:碩士
校院名稱:中華大學
系所名稱:資訊管理學系碩士班
學門:電算機學門
學類:電算機一般學類
論文種類:學術論文
論文出版年:2012
畢業學年度:100
語文別:中文
論文頁數:56
中文關鍵詞:以角色為基礎的存取控制工作流程跨組織工作流程信賴
外文關鍵詞:Role-Based Access ControlWorkflowInert-Organizational WorkflowTrust
相關次數:
  • 被引用被引用:1
  • 點閱點閱:203
  • 評分評分:系統版面圖檔系統版面圖檔系統版面圖檔系統版面圖檔系統版面圖檔
  • 下載下載:7
  • 收藏至我的研究室書目清單書目收藏:0
由於經營環境的變化以及全球化競爭的影響,許多企業開始尋找合作伙伴以共同創造利益,但是合作的同時,因彼此企業規模與角色擁有權限不同所衍生的問題也隨之產生。雖然以角色為基礎的存取控制已被廣泛的使用於許多組織內,用以控管組織內的權限分派,但對於跨組織工作流程這樣的合作環境來說尚有不足之處。因此本研究藉由加入信賴的概念來改良以角色為基礎的存取控制,使其彌補傳統存取控制的不足之處。最後,分別以範例說明的方式對本研究所提出的方法進行說明,並探討其績效。
Due to the rapidly changes of business environment, enterprises have to seek out suitable partners to make a great benefit together. However, the difference of business size and the organizational structure makes that the traditional access control, such as role-based access control (RBAC), cannot assign roles and manage permissions appropriately in the inter-organizational workflow. Therefore, the study combined the concept of trust with traditional role-based access control to compensate for the insufficient of RBAC in the inter-organizational workflow. The proposed model will be suitable for enterprises to assign roles properly in the inter-organizational workflow and achieve fairness and security of permission managements.
摘要 I
ABSTRACT II
誌謝 III
目錄 IV
圖目錄 VI
表目錄 VII
第一章 緒論 1
1.1 研究背景與動機 1
1.2 研究目的 2
1.3 研究流程 3
1.4 論文架構 4
第二章 文獻探討 6
2.1 以角色為基礎的存取控制 6
2.1.1 模型架構 6
2.1.2 安全原則 8
2.2 工作流程 9
2.2.1 定義 10
2.2.2 組成元素 10
2.2.3 參考模型 14
2.2.4 工作流程管理系統 15
2.3 跨組織工作流程 16
2.3.1 流程架構 16
2.3.2 存取控制於跨組織工作流程 19
2.4 信賴 21
2.5 小結 25
第三章 存取控制於跨組織工作流程 26
3.1 原組織角色-權限的轉換 27
3.1.1 演算法符號定義 29
3.1.2 使用者角色指派演算法 30
3.2 改良以角色為基礎的存取控制 36
第四章 說明與討論 43
4.1 原組織角色-權限的轉換說明 43
4.2 使用者指派說明 47
4.3 分析與討論 49
第五章 結論與未來研究 51
5.1 結論 51
5.2 未來研究 52
參考文獻 53
[1]許道然,「組織信任之研究:一個整合性觀點」,空大行政學報,第11期,253-296頁,民國90年。
[2]陳哲閎,「Internet 上一般化工作流程管理系統的設計與實做」,台灣大學資訊管理研究所碩士論文,民國86年。
[3]馮立誠,「信任的定義與理論定位之命題研究」,朝陽科技大學企業管理系碩士論文,民國94年。
[4]簡其弘,「以角色為基礎的存取控制於跨組織工作流程之研究」,中華大學資訊管理學系碩士論文,民國95年。
[5]Ahn, G. J., Sandhu, R. S., Kang, M. H. and Park, J. S., “Injecting RBAC to Secure a Web-Based Workflow System”, Proceedings of the 5th ACM Workshop on Role-Based Access Control, Berlin, Germany, pp. 47-63, July 2000.
[6]Botha, R. A. and Eloff, J. H. P., “A Framework for Access Control in Workflow Systems”, Information Management and Computer Security, vol. 9, no. 3, pp. 126-133, 2001.
[7]Botha, R. A. and Eloff, J. H. P., “Designing Role Hierarchies for Access Control in Workflow Systems”, Proceedings of the 25th International Computer Software and Applications Conference on Invigorating Software Development, Chicago, Illinois, U.S.A., pp. 117-122, October 2001.
[8]Casati, F., Ceri, S., Pernici, B. and Pozzi, G., “Workflow Evolution”, Data and Knowledge Engineering, vol. 24, no. 3, pp. 211-238, 1998.
[9]Chakraborty, S. and Ray, I., “TrustBAC-Integrating Trust Relationships into the RBAC Model for Access Control in Open Systems”, Proceedings of the Eleventh ACM Symposium on Access Control Models and Technologies, pp. 49-58, 2006.
[10]Chebbi, I. and Tata, S., “CoopFlow: A Framework for Inter-Organizational Workflow Cooperation”, Proceedings of International Conference on Cooperative Information Systems, Agia Napa, Cyprus, pp. 112-129, 2005.
[11]Chebbi, I., Dustdar, S. and Tata, S., “The View-Based Approach to Dynamic Inter-Organizational Workflow Cooperation”, Data and Knowledge Engineering, vol. 56, no. 2, pp. 139-173, February 2006.
[12]Chen, F. and Sandhu, R. S., “Constraints for Role-Based Access Control”, ACM Role-Based Access Control Workshop, Gaithersburg, Maryland, U.S.A., pp. 39-46, 1996.
[13]Ferraiolo, D. F. and Kuhn, D. R., “Role-based Access Controls”, Proceedings of the 15th National Computer Security Conference, Baltimore, Maryland, U.S.A., pp. 554-563, October 1992.
[14]Ferraiolo, D. F., Barkley, J. F. and Kuhn, D. R., “A Role-Based Access Control Model and Reference Implementation within a Corporate Intranet”, ACM Transactions on Information Systems Security, vol. 2, no. 1, pp. 34-64, February 1999.
[15]Ferraiolo, D. F., Cugini, J. A., and Kuhn, D. R., “Role-Based Access Control (RBAC): Features and Motivations”, Proceedings of 11th Annual Computer Security Application Conference, New Orleans, Louisiana, U.S.A., pp. 241-248, December 1995.
[16]Ferraiolo, D. F., Sandhu, R. S., Gavrila, S., Kuhn, D. R. and Chandramouli, R., “Proposed NIST Standard for Role-Based Access Control”, ACM Transactions on Information and System Security, vol. 4, no. 3, pp. 224-274, August 2001.
[17]Fukuyama, F., “Trust: The Social Virtues and the Creation of Prosperity”, Simon and Schuster, 1996
[18]Gambetta, D., “Can We Trust Trust?”, Trust: Making and Breaking Cooperative Relations, Electronic Edition, Department of Sociology, University of Oxford, Chapter 13, pp. 213-237, 2000.
[19]Georgakopoulos, D., Hornick, M. and Sheth, A., “An Overview of Workflow Management: from Process Modeling to Workflow Automation Infrastructure”, Distributed and Parallel Databases, vol. 3, no. 3, 1995.
[20]Giuri, L. and Iglio, P., “A Formal Model for Role-Based Access Control with Constraints”, Proceedings of the 9th IEEE Workshop on Computer Security Foundations, Dromquinna Manor, Kenmare, Country Kerry, Ireland, pp. 136-145, March 1996.
[21]Kang, M. H., Park, J. S. and Froscher, J. N., “Access Control Mechanisms for Inter-Organizational Workflow”, Proceedings of the 6th ACM Symposium on Access Control Models and Technologies, Chantilly, Virginia, U.S.A., pp. 66-74, May 2001.
[22]Lee, M. K. O. and Turban, E., “A Trust Model for Consumer Internet Shopping”, International Journal of Electronic Commerce, vol. 6, no.1, pp. 75-91, 2001.
[23]Lu, J., Li, R., Lu, Z. and Li, B., “Integrating Trust and Role for Secure Interoperation in Multi-Domain Environment”, International Conference on Information Security and Assurance, pp. 77-82, 2008.
[24]McKnight, D. H., Cummings, L. L. and Chervany, N. L., “Initial Trust Formation in New Organizational Relationships”, Academy of Management Review, vol. 23, no. 3, pp. 473-490, July 1998.
[25]Moorman, C., Deshpande, R. and Zaltman, G., “Factors Affecting Trust in Market Research Relationships”, Journal of Marketing, vol. 57, no. 1, pp. 81-101, January 1993.
[26]Ray, I. and Chakraborty, S., “A Vector Model of Trust for Developing Trustworthy Systems”, Proceedings of the 9th European Symposium of Research in Computer Security, vol. 3193, pp. 260-275, September 2004.
[27]Ring, P. S. and Van de Ven, A. H., “Structuring Cooperative Relationships between Organizations”, Strategic Management Journal, vol. 13, no. 7, pp. 483-498, October 1992.
[28]Rotter, J. B., “Interpersonal Trust, Trustworthiness, and Gullibility”, American Psychologist, vol. 35, no. 1, pp. 1-7, January 1980.
[29]Sandhu, R. S., Coyne, E. J., Feinstein, H. L. and Youman, C. E., “Role-Based Access Control Models”, IEEE Computer, vol. 29, no. 2, pp. 38-47, February 1996.
[30]Sandhu, R. S., Coyne, E. J., Feinstein, H. L. and Youman, C. E., “Role-Based Access Control: A Multi-Dimensional View”, Proceedings of 10th Annual Computer Security Applications Conference, Orlando, Florida, U.S.A., pp. 54-62, December 1994.
[31]Sandhu, R. S., Ferraiolo, D. F. and Kuhn, D. R., “The NIST Model for Role-Based Access Control: Towards A Unified Standard”, Proceedings of the 5th ACM Workshop on Role-Based Access Control, Berlin, Germany, pp. 47-63, July 2000.
[32]Takabi, H., Amini, M. and Jalili, R., “Trust-Based User-Role Assignment in Role-Based Access Control”, in Proc. 2007 ACS/IEEE International Conference on Computer Systems and Applications, pp. 807-814, 2007.
[33]Workflow Management Coalition, “Interface 1: Process Definition Interchange Process Model”, Technical report WfMC TC-1016-P, October 1999.
[34]Workflow Management Coalition, “Terminology &; Glossary”, Technical report WfMC TC-1011, February 1999.
[35]Workflow Management Coalition, “The Workflow Reference Model”, Technical report WfMC TC-1003, January 1995.
[36]Yang, J., “The Role of Trust in Organizations: Do Foci and Bases Matter?”, Unpublished Doctoral Dissertation, Nanjing University, China.

連結至畢業學校之論文網頁點我開啟連結
註: 此連結為研究生畢業學校所提供,不一定有電子全文可供下載,若連結有誤,請點選上方之〝勘誤回報〞功能,我們會盡快修正,謝謝!
QRCODE
 
 
 
 
 
                                                                                                                                                                                                                                                                                                                                                                                                               
第一頁 上一頁 下一頁 最後一頁 top
系統版面圖檔 系統版面圖檔