Wednesday, April 9, 2008

Roles and Workflows FTW!

Some of the most useful things to come out of Computer Science are solutions to the complex problems that you encounter when you combine seemingly simple things.  In the design for Vertebra, we've been dealing with a number of simple technologies, trying to seam them into a whole.

One of the more vexing problems has been how to do security.  Inevitably a distributed system has the chance to be a distributed security disaster.  We've taken a look at using an RBAC system (role based access control).  This has interesting implications when integrated with our distributed workflow system.

Enter the ACM Digital Library.  Got to love it.  It looks like there are people researching this.  There I found an article titled "A Flexible Model Supporting the Specification and Enforcement of Role-based Authorizations in Workflow Management Systems".  I don't think we'll come close to implementing the whole system they describe, but it sure is nice to have an understanding of where it all could go.

It also confirms that we must be doing something right, as we're implementing stuff that was leading edge Computer Science only a decade ago!

No comments: