A collaborative workflow is a business process with a set of linked tasks. It is important to share knowledge in document format of the workflow to achieve a business objective or policy goal. When an electronic document is shared in a collaborative workflow, appropriate access controls are needed. Access control of documents involves the correlated setting of security at the document and data levels, corresponding to the sequence of workflow activities and organisational role hierarchy. This study proposes an access control mechanism for sharing electronic documents in a document-centric Workflow Management System (WfMS). A mandatory access mechanism is used to manage access control. The mechanism is demonstrated by an example of generating a quotation document using Oracle Workflow and Oracle PL/SQL.
Int. J. Information and Computer Security,1(4),437-454