计算机工程与应用 ›› 2008, Vol. 44 ›› Issue (8): 23-26.

• 博士论坛 • 上一篇    下一篇

一种网格工作流委托授权框架模型

桂劲松1,陈志刚1,胡玉平2,刘 立1   

  1. 1.中南大学 信息科学与工程学院,长沙 410083
    2.广东商学院 信息学院,广州 510320
  • 收稿日期:2007-11-12 修回日期:2007-12-24 出版日期:2008-03-11 发布日期:2008-03-11
  • 通讯作者: 桂劲松

Delegation authorization framework model for grid workflow

GUI Jin-song1,CHEN Zhi-gang1,HU Yu-ping2,LIU Li1   

  1. 1.School of Information Science and Engineering,Central South University,Changsha 410083,China
    2.School of Information,Guangdong University of Business Studies,Guangzhou 510320,China
  • Received:2007-11-12 Revised:2007-12-24 Online:2008-03-11 Published:2008-03-11
  • Contact: GUI Jin-song

摘要: 在动态构建服务网格虚拟组织以协同问题求解的新趋势下,提出了一种服务网格工作流委托授权模型。提出委托凭证以细粒度地表示授权决策结果,定义了委托步和委托结构体以及它们之间的依赖关系以形式化地描述流程任务之间的内在约束关系。工作流的每个原子任务被授予一个由委托凭证和激活凭证集组成的委托步,每个任务被授予一个由委托步集和激活凭证集组成的委托结构体。各自的激活凭证集分别规定了委托步之间和委托结构体之间的依赖关系。通过监控委托步和委托结构体能够细粒度地控制网格工作流授权执行过程。实例表明了该模型能满足工作流应用对安全的需求。

Abstract: Under trend of dynamically constructing service grid virtual organization to solve coordinated work question,a delegation authorization model for service grid workflow is proposed.A delegation certification is proposed to express authorization decision result.Delegation step,delegation unit and their dependency relationships are defined to formally describe inherent restriction relationships between flow tasks.A delegation step consisting of a delegation certification and an enabled certification set is granted to an atom task of workflow,and its enabled certification set regulates dependency relationships between delegation steps.A delegation unit consisting of a delegation step set and an enabled certification set is granted to a task of workflow,and its enabled certification set regulates dependency relationships between delegation units.The authorization execution process of grid workflow can be controlled by above methods in a fine-grained manner.The exhibited example shows that the model satisfies security requirements of grid workflow application.