R. Thomas, R. Sandhu. 1993. "Towards a task-based paradigm for flexible and adaptable access control in distributed applications"

Authorizations in distributed applications should be seen in terms of tasks or activities rather than individual subjects and objects, based on two emerging trends:

1. The integration of computing within organizations, and the subsequent increase in the automation of organizational functions and work-flows.
2. The shift from main-frame computer systems to workstations and client-server technologies.

A task:

• is long-lived;
• may involve multiple subtasks, where a subtask may need to be individually or collectively authorized;
• may involve multiple and often distinct principals to carry out individual subtasks;
• is distributed in space and time.