مدل اختیار مبتنی بر سیاست برای مدیریت فرایند پویا، جریان کار فعال شده

Although workflow has been widely used to support the modeling and execution of business process, the majority of current workflow management systems are not designed and suited for supporting dynamic business processes. One of the deficiencies is the inability to model realistically the organization of an enterprise to manage the dynamic human-centric business processes. A framework for workflow-enabled dynamic business process management is described in the paper. It includes an organizational model and an authorization model for supporting dynamic business processes. More specifically, authorization policies are expressed in an SQL-like language which can be easily rewritten into query sentences for execution. In addition, the framework supports dynamic integration and execution of multiple access control polices from disparate enterprise resources. Finally, a prototype implementation of the dynamic business process management framework is described.

Generally speaking, a workflow has three independent dimensions, namely: process logic, IT infrastructure and organization (Leymann and Roller, 2000). Process logic describes the “what” in terms of which activities are to be performed and in which sequence the activities are executed; IT infrastructure describes which IT resources, such as software programs that perform a particular activity, are required; the organization dimension describes the organizational structure of a company or an enterprise in terms of partners, departments, business roles and people, which provides the who should perform what activity. As workflow has been applied to an increasing number of areas, many designs and implementation technologies exist (Becker and zur Muehlen, 2002). Many workflow models such as web service composition languages BPEL4WS (IBM, 2004) and Enterprise Application Integration (EAI), do not define or include any notion of human activities. Similarly, researchers and vendors have been focused mainly on the process logic and IT infrastructure dimensions of workflow and often neglected the linkage between the organizational elements and process activities. The complete relationship among the three dimensions of workflow and especially the critical role played by the organization dimension are not well studied (Zur Muehlen, 2004). However, as a technology that roots in office automation of the 1970s (History of Workflow Research, 2004), workflow should support human-centric business processes and therefore must include the modeling of dynamic business roles and human activities. The importance of human involvement in workflow applications has recently been pointed out by (Moore, 2002), who has identified the excessive activity automation and poor design of work assignment strategies as critical issues in workflow projects. The enforcement of task assignment relies on an authorization model, which is expressed in terms of roles rather than in terms of specific individuals in order to reduce the number of authorizations necessary in the system and to simplify their maintenance (Casati et al., 2001). However, this role-based model alone is inadequate to meet all the requirements of processes within an organization. Such requirements may include: (1) role delegation (Akhil and Zhao, 2002), for example, when a worker is not available, a workflow system should be able to locate (and possibly assign) appropriate alternate workers to prevent excessive delays; (2) binding of roles (Akhil and Zhao, 2002), for example, a customer's complaint should be handled by the person who sold the product originally, and (3) separation of duties (Botha and Eloff, 2001), for example, individuals may not be allowed to approve his or her own travel expenses or supply requisitions. A business process in an organization can be quite complex and dynamic (Chung et al., 2003). However, current workflow systems can typically only support simple and predictable processes, but not the dynamically changing processes (van der Aalst and Jablonski, 2000). The dynamic business process brings additional challenges to the authorization strategy. For example, as most business processes involve team work, authorization strategy should not only be role based but also be team based (van der Aalst, 2001). Furthermore, each organization in an enterprise usually enforces its specific management policies; authorization strategies from different management policies should be coordinated. In this paper a policy-based authorization model for workflow-enabled dynamic business processes is proposed. A policy is specified in a Task Authorization Policy Language (TAPL), which can be easily translated into SQL query sentences so that the policy can be directly executed by a database management system. Based on the TAPL, a policy modeling and enforcement framework to support dynamic business processes is proposed. The remainder of the paper is organized as follows. Section 2 gives a brief review of workflow management and introduces a workflow-enabled dynamic process management framework. Section 3 presents an organizational model for dynamic business processes. Section 4 defines the syntax of TAPL and discusses the policy modeling and management problem in an organization. Section 5 introduces a framework together with some key techniques to support policy enforcement within a workflow management system. Section 6 describes briefly the implementation of a demonstration system. Section 7 discusses related work. Finally, Section 8 provides some concluding remarks.

There is a need to develop tools and models for supporting dynamic business processes. This paper focuses on providing an effective task assignment strategy for dynamic business processes. A framework is proposed to support dynamic task authorization policy modeling and enforcement in a business process environment where assignment policies come from different sources. The mechanism for facilitating task assignment policy is based on an SQL-like language called TAPL, which can be rewritten into SELECT sentences in SQL. TAPL can describe complex role constraints in a business process. Using standard SQL technology eliminates the need for developing a complex parser and executing components. In the current version of TAPL, a particular function is interpreted as an SQL sub-clause by a template that is developed as a part of pre-defined TAPL transforming program. A scalable TAPL transforming program framework that allows functions to be added and templates integrated into the framework should be investigated in the future