Symptoms
We use InfoPath integrated workflows. We have to give users contribute and above permissions to the InfoPath library to launch the form. When workflows are in flight, an entry appears in the InfoPath library, which all users can see. Some of our workflows have sensitive information in them. Is there a way to secure these InfoPath libraries so that users can still launch a form, but not see it in flight?
Diagnoses
Rights can be applied to workflows to start, view or view, participate. The access to the forms in SharePoint are made thru SharePoint groups.
Resolution
Rights can be set for the workflow in K2 so the users can view only the steps on which they participate. For this you need to select View Participate right on the Process Rights of the Workflow. As for who can access the Library, that needs to be done thru SharePoint rights, granting or denying it to certain groups or users. With K2 you can only limit who can start the process, action it and view it.
If you are going to create SmartForms instead of InfoPath forms, you can restrict the access to the Designer or Runtime. Here is a link where it explains how to do that : http://help.k2.com/onlinehelp/k2smartforms/userguide/current/default.htm_RestrictAccessToSmartFormsDesigner_IIS.htm?TocPath=How%20To|_____20