1,851 research outputs found

    Decentralized Enforcement of Artifact Lifecycles

    Artifact-centric workflows describe possible executions of a business process through constraints expressed from the point of view of the documents exchanged between principals. A sequence of manipulations is deemed valid as long as every document in the workflow follows its prescribed lifecycle at all steps of the process. So far, establishing that a given workflow complies with artifact lifecycles has mostly been done through static verification, or by assuming a centralized access to all artifacts where these constraints can be monitored and enforced. We present in this paper an alternate method of enforcing document lifecycles that requires neither static verification nor single-point access. Rather, the document itself is designed to carry fragments of its history, protected from tampering using hashing and public-key encryption. Any principal involved in the process can verify at any time that a document's history complies with a given lifecycle. Moreover, the proposed system also enforces access permissions: not all actions are visible to all principals, and one can only modify and verify what one is allowed to observe.

    Information flow control in cloud computing

    Cloud computing is an emerging computing paradigm where computing resources are provided as services over the Internet while residing in a large data center. Even though it enables us to dynamically provide servers with the ability to address a wide range of needs, this paradigm brings forth many new challenges for the data security and access control as users outsource their sensitive data to clouds, which are beyond the same trusted domain as data owners. A fundamental problem is the existence of insecure information flows due to the fact that a service provider can access multiple virtual machines in clouds. Sensitive information may be leaked to unauthorized customers and such critical information flows could raise conflict-of-interest issues in cloud computing. In this paper, we propose an approach to enforce the information flow policies at Infrastructure-as-a-Service (IaaS) layer in a cloud computing environment. Especially, we adopt Chinese Wall policies to address the problems of insecure information flow. We implement a proof-of-concept prototype system based on Eucalyptus open source packages to show the feasibility of our approach. This system facilitates the cloud management modules to resolve the conflict-of-interest issues for service providers in clouds.

    Semantic Information Assurance for Secure Distributed Knowledge Management: A Business Process Perspective

    Secure knowledge management for eBusiness processes that span multiple organizations requires intraorganizational and interorganizational perspectives on security and access control issues. There is paucity in research on information assurance of distributed interorganizational eBusiness processes from a business process perspective. This paper presents a framework for secure semantic eBusiness processes integrating three streams of research, namely: 1) eBusiness processes; 2) information assurance; and 3) semantic technology. This paper presents the conceptualization and analysis of a secure semantic eBusiness process framework and architecture, and provides a holistic view of a secure interorganizational semantic eBusiness process. This paper fills a gap in the existing literature by extending role-based access control models for eBusiness processes that are done by using ontological analysis and semantic Web technologies to develop a framework for computationally feasible secure eBusiness process knowledge representations. An integrated secure eBusiness process approach is needed to provide a unifying conceptual framework to understand the issues surrounding access control over distributed information and knowledge resources

    Enterprise Modelling using Algebraic Graph Transformation - Extended Version

    An analysis of today's situation at Credit Suisse has shown severe problems, because it is based on current best practices and ad-hoc modelling techniques to handle important aspects of security, risk and compliance. Based on this analysis we propose in this paper a new enterprise model which allows the construction, integration, transformation and evaluation of different organizational models in a big decentralized organization like Credit Suisse. The main idea of the new model framework is to provide small decentralized models and intra-model evaluation techniques to handle services, processes and rules separately for the business and IT universe on one hand and for human-centric and machine-centric concepts on the other hand. Furthermore, the new framework provides inter-modelling techniques based on algebraic graph transformation to establish the connection between different kinds of models and to allow integration of the decentralized models. In order to check for security, risk and compliance in a suitable way, our models and techniques are based on different kinds of formal methods. In this paper, we show that algebraic graph transformation techniques are useful not only for intra-modelling - using graph grammars for visual languages and graph constraints for requirements - but also for inter-modelling - using triple graph grammars for model transformation and integration. Altogether, we present the overall idea of our new model framework and show how to solve specific problems concerning intra- and inter-modelling as first steps. This should give evidence that our framework can also handle important other requirements for enterprise modelling in a big decentralized organization like Credit Suisse

    Time to Shrink to Greatness? Networks and Conflicts of Interests in Large Professional Firms

    Conflicts of interests are often dealt with by arguing that individuals, not institutions, are responsible for behaving unethically. In fact, institutions often push individuals to behave unethically. Individuals would need to be heroes to behave differently. This is particularly visible in organizations whose members are professionals; as brokers and boundary spanners, they use conflicts of interests to increase the power of their firm. Organizations cover themselves against accusations of unethical behavior by introducing formal organizational separations between their members, replicating inside the organization the boundaries that reflect external conflict. An example of such organizational devices is provided by Chinese walls. Using a network study of a New England corporate law firm, I look into the black box of such organizations and show that it is impossible for members to respect such Chinese walls unless they are heroes. The question arising from this analysis is, therefore, whether or not it is time for such professional firms to shrink to greatness. If members cannot be expected to be heroes, should their institutions not be redesigned so as to prevent unethical behavior without counting on their heroism?

    Access Control from an Intrusion Detection Perspective

    Access control and intrusion detection are essential components for securing an organization's information assets. In practice, these components are used in isolation, while their fusion would contribute to increase the range and accuracy of both. One approach to accomplish this fusion is the combination of their security policies. This report pursues this approach by defining a comparison framework for policy specification languages and using this to survey the languages Ponder, LGI, SPL and PDL from the perspective of intrusion detection. We identified that, even if an access control language has the necessary ingredients for merging policies, it might not be appropriate due to mismatches in overlapping concepts