Multilayer authorization model and analysis of authorization methods

Authors: ALPER UĞUR, İBRAHİM SOĞUKPINAR

Abstract: There are various methods proposed in the literature to provide authorization control in workflows and information systems. Authorization implementations have deficiencies based on procedural scope. Basic login mechanisms grant system-wide access; the provided margins are broad. Access control lists provide limited definition on access restrictions; the authorization is bounded by these definitions. Role based authorizations do not cover regulations in institutions where the regulations describe specific operations and their operational procedures in institutional workflows. The proposed multilayer authorization model depicts the attributes of authorization mechanisms and analyzes the methods according to their authorization capabilities and contributions to the reliability of documents in the workflow. The layered structure provides comparative and integrated analysis of the authorization mechanisms. The incremental authorization structure would be a guide for implementations in that each layer presents the scope of authorization by providing analysis on deficiencies and the methods of solution. An institutional authorization mechanism on documents is also proposed. The proposed mechanism suggests and implements an authorization mechanism to enclose authorization restrictions in institutional regulations.

Keywords: Authorization, information reliability, Petri net analysis

Full Text: PDF