An Approach for Supporting Ad-hoc Modifications in Distributed Workflow Management Systems

Supporting enterprise-wide or even cross-organizational business processes is a characteristic challenge for any workflow management system (WfMS). Scalability at the presence of high loads as well as the capability to dynamically modify running workflow (WF) instances (e.g., to cope with exceptional situations) are essential requirements in this context. Should the latter one, in particular, not be met, the WfMS will not have the necessary flexibility to cover the wide range of process-oriented applications deployed in many organizations. Scalability and flexibility have, for the most part, been treated separately in the relevant literature thus far. Even though they are basic needs for a WfMS, the requirements related with them are totally different. To achieve satisfactory scalability, on the one hand, the system needs to be designed such that a workflow instance can be controlled by several WF servers that are as independent from each other as possible. Yet dynamic WF modifications, on the other hand, necessitate a (logical) central control instance which knows the current and global state of a WF instance. For the first time, this paper presents methods which allow ad-hoc modifications (e.g., to insert, delete, or shift steps) to be performed in a distributed WfMS; i.e., in a WfMS with partitioned WF execution graphs and distributed WF control. It is especially noteworthy that the system succeeds in realizing the full functionality as given in the central case while, at the same time, achieving extremely favorable behavior with respect to communication costs

Advanced eGovernment Information Service Bus (eGov-Bus)

The eGov-Bus project provides citizens and businesses with improved access to virtual public services, which are based on existing national eGovernment Web services and which support cross-border life events. Requirements and specific rules of these life events are considered, and personalization of user preferences is supported. eGov-Bus is based on adaptable process management technologies, allowing for virtual services which are dynamically combined from existing national eGovernment services. In this way, a comprehensive workflow process is set up, allowing for service-level agreements, an audit trail and explanation of the process to the end user. The eGov-Bus process engine operates on top of a virtual repository, providing a high-level semantic view of information retrieved from heterogeneous information sources, such as eGovernment Web services. Further, eGov-Bus relies on a security framework to ensure all high-level security requirements are met. The eGov-Bus architecture is business oriented, it focuses on Service Oriented Architecture (SOA) concepts, asynchronously combining Web services and providing a Service Bus.Frameworks and Guidelines, eGovernment Ontologies, Admininistrative Process Design, Life Events, Web Services, Service Bus Integration

Distributed Access Control with Blockchain

The specification and enforcement of network-wide policies in a single administrative domain is common in today's networks and considered as already resolved. However, this is not the case for multi-administrative domains, e.g. among different enterprises. In such situation, new problems arise that challenge classical solutions such as PKIs, which suffer from scalability and granularity concerns. In this paper, we present an extension to Group-Based Policy -- a widely used network policy language -- for the aforementioned scenario. To do so, we take advantage of a permissioned blockchain implementation (Hyperledger Fabric) to distribute access control policies in a secure and auditable manner, preserving at the same time the independence of each organization. Network administrators specify polices that are rendered into blockchain transactions. A LISP control plane (RFC 6830) allows routers performing the access control to query the blockchain for authorizations. We have implemented an end-to-end experimental prototype and evaluated it in terms of scalability and network latency.Comment: 7 pages, 9 figures, 2 table