
Application of an Integrated Context-Role and Isolation-Based Access Control Model to Workflows

An Integrated Model of CR-RBAC and I-RBAC and Its Application to Workflow System

Advisor: 留忠賢

Abstract


Context roles express the environmental constraints of a system through the role concept. In a context-based access control system, a user who cannot satisfy a context constraint cannot activate the corresponding context role and therefore cannot obtain the context permissions needed to complete a task. To complete a workflow, all tasks defined in the workflow must be completed in order. If one task carries a context constraint that its assigned user cannot satisfy, the user cannot activate the context role to complete that task, none of the subsequent tasks can be completed, and the workflow is delayed.

This thesis applies an access control model that integrates context roles and isolation roles to workflows. If the user executing a task cannot satisfy the context constraint needed to activate the context role, the user can instead use an isolation role to complete the task temporarily in an isolation environment, so that the workflow can continue and waiting time is reduced. A temporarily completed task must still be executed in the host environment using the context role, however. If it cannot be executed in the host environment, the task is not truly complete, and its subsequent tasks must be rolled back.

We use a bank credit loan workflow as an example to illustrate and implement this model. We specify that the loan "Approve" task must be executed inside the company. If the user executing "Approve" cannot activate the context role, the user can activate an isolation role to complete the task temporarily in the isolation environment and reserve the loan; the task is then executed in the host environment through the "Confirm" task. When "Approve" is executed temporarily through an isolation role, the system first reserves the loan amount requested by that workflow. The implementation uses the Activiti workflow engine to drive the workflow, and each task can be configured with its corresponding program logic. If the result of "Confirm" is Deny, the system releases the reserved amount and notifies other workflows that need this amount so they can continue.

Keywords

Workflow, I-RBAC, CR-RBAC, RBAC, Access Control

Abstract (English)


Context roles can be used to describe context constraints in an RBAC system. In a CR-RBAC system, a user cannot activate a context role to obtain the permissions needed to complete a job if the user does not satisfy the context constraints. To complete a workflow, one must successfully execute all the tasks that are defined, in sequence. When the context constraints associated with some tasks of a workflow are not satisfied, those tasks cannot be executed and the workflow cannot proceed; this delays the workflow. In this thesis, we introduce a model that integrates CR-RBAC and I-RBAC and show its application to a workflow. If a user assigned to a task of a workflow does not satisfy the associated context constraint, the user cannot activate a context role to execute the task, but the user can use an isolation role to execute the task temporarily in an isolation environment. The workflow can then proceed without waiting. The task must still be completed in the host environment using the context role once the context constraints are satisfied. If the task cannot be completed in the host environment, the task and its subsequent tasks must be rolled back. A bank loan workflow is used as an example to illustrate our model. We assume that the task "Approve" has to be executed inside the bank. The user assigned to the task "Approve" can use an isolation role to complete this task in an isolation environment if he cannot meet the context constraints to activate a context role. Afterward, the task can be confirmed in the host environment by the task "Confirm". We used the Activiti workflow engine in our implementation, where a program can be attached to a task. The system reserves the loan amount of the workflow when the task "Approve" is executed by an isolation role. This amount is released if the final result of "Approve" is Deny, and the system notifies other waiting workflows that need this amount so they can continue.
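The following simulation, added here as an illustration and not part of the thesis or its Activiti implementation, walks through the model described in both abstracts: a context role ("approver", a constructed name) that activates only when the user is inside the bank, an isolation role ("approver_isolated", also constructed) that lets the "Approve" task be done tentatively while reserving the loan amount, a "Confirm" task that must run in the host environment, and the rollback that releases the reservation and notifies waiting workflows on Deny. The assumption that "Confirm" requires the same context role as "Approve" is ours; the abstracts only state that it runs in the host environment.

```python
from dataclasses import dataclass, field

INSIDE_BANK = "inside_bank"  # constructed context value for "inside the bank"

@dataclass
class User:
    name: str
    roles: set
    location: str

# CR-RBAC part: each context role carries the constraint a user must satisfy
# to activate it.  "approver" is a constructed role name standing for the
# role that may execute the "Approve" task inside the bank.
CONTEXT_CONSTRAINTS = {"approver": lambda user: user.location == INSIDE_BANK}

# I-RBAC part: the isolation role that may stand in for a context role when
# its constraint is not met (the task is then only tentatively done).
ISOLATION_ROLE = {"approver": "approver_isolated"}

def activate_role(user, role):
    """Return "host" if the context role activates, "isolation" if the user
    can only fall back to the isolation role, or None if neither applies."""
    if role not in user.roles:
        return None
    if CONTEXT_CONSTRAINTS[role](user):
        return "host"
    if ISOLATION_ROLE[role] in user.roles:
        return "isolation"
    return None

@dataclass
class Loan:
    wid: str
    amount: int
    state: str = "pending"                      # pending | waiting | reserved | approved | denied
    done: list = field(default_factory=list)    # completed tasks, kept for rollback

class LoanWorkflow:
    def __init__(self, funds):
        self.funds = funds      # money neither lent nor reserved
        self.waiting = []       # loans blocked because funds were not available
        self.notified = []      # workflow ids told to resume after a release

    def complete_task(self, loan, task):
        loan.done.append(task)

    def approve(self, loan, user):
        env = activate_role(user, "approver")
        if env is None:
            return "cannot execute"
        if loan.amount > self.funds:
            loan.state = "waiting"
            self.waiting.append(loan)
            return "waiting"
        self.funds -= loan.amount       # host approval lends; isolation approval reserves
        loan.state = "approved" if env == "host" else "reserved"
        loan.done.append("approve@" + env)
        return env

    def confirm(self, loan, user, decision):
        """The "Confirm" task re-executes the tentative approval in the host
        environment. Assumption: it needs the same context role as "Approve"."""
        if activate_role(user, "approver") != "host":
            return "cannot confirm"
        if loan.state != "reserved":
            return "nothing to confirm"
        if decision == "approve":
            loan.state = "approved"
            loan.done.append("confirm@host")
        else:
            self.rollback(loan)
        return loan.state

    def rollback(self, loan):
        """Undo the tentative approval and every task after it, release the
        reserved amount and wake waiting workflows that can now be funded."""
        loan.done = loan.done[:loan.done.index("approve@isolation")]
        self.funds += loan.amount
        loan.state = "denied"
        still_waiting = []
        for other in self.waiting:
            if other.amount <= self.funds:
                other.state = "pending"
                self.notified.append(other.wid)
            else:
                still_waiting.append(other)
        self.waiting = still_waiting

def run_example():
    """Constructed scenario: alice works remotely, bob is inside the bank."""
    wf = LoanWorkflow(funds=100)
    alice = User("alice", {"approver", "approver_isolated"}, "remote")
    bob = User("bob", {"approver"}, INSIDE_BANK)
    loan1, loan2 = Loan("L1", 80), Loan("L2", 50)
    wf.complete_task(loan1, "apply")
    steps = {}
    steps["approve_L1"] = wf.approve(loan1, alice)             # isolation: 80 reserved
    wf.complete_task(loan1, "prepare_contract")               # workflow keeps moving
    steps["approve_L2"] = wf.approve(loan2, bob)               # waiting: only 20 left
    steps["confirm_remote"] = wf.confirm(loan1, alice, "deny")  # remote: cannot confirm
    steps["confirm_host"] = wf.confirm(loan1, bob, "deny")      # denied: rollback, release
    steps["funds"], steps["notified"], steps["L1_done"] = wf.funds, wf.notified, loan1.done
    return steps

if __name__ == "__main__":
    for key, value in run_example().items():
        print(key, value)
```

The reservation is what makes the tentative approval safe for the other workflows: the 80 reserved for L1 is unavailable to L2 until "Confirm" settles it, and the rollback both restores the funds and truncates L1's task log to the point before the isolated approval, so "prepare_contract" is undone as the abstracts require.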

Keywords (English)

CR-RBAC, RBAC, Access Control, Workflow, I-RBAC


Citation record


李忠璇 (2014). Integrating Context Roles and Isolation Roles in Access Control and Their Application to Workflows [Master's thesis, Chung Yuan Christian University]. Airiti Library. https://doi.org/10.6840/CYCU.2014.00024
