10 research outputs found

    Compliance of Semantic Constraints - A Requirements Analysis for Process Management Systems

    Key to the use of process management systems (PrMS) in practice is their ability to facilitate the implementation, execution, and adaptation of business processes while still being able to ensure error-free process executions. Mechanisms have been developed to prevent errors at the syntactic level such as deadlocks. In many application domains, processes often have to comply with business level rules and policies (i.e., semantic constraints). Hence, in order to ensure error-free executions at the semantic level, PrMS need certain control mechanisms for validating and ensuring the compliance with semantic constraints throughout the process lifecycle. In this paper, we discuss fundamental requirements for a comprehensive support of semantic constraints in PrMS. Moreover, we provide a survey on existing approaches and discuss to what extent they meet the requirements and which challenges still have to be tackled. Finally, we show how the challenge of life time compliance can be dealt with by integrating design time and runtime process validation

    Implementation of Smart Contracts Using Hybrid Architectures with On- and Off-Blockchain Components

    Recently, decentralised (on-blockchain) platforms have emerged to complement centralised (off-blockchain) platforms for the implementation of automated, digital (smart) contracts. However, neither alternative can individually satisfy the requirements of a large class of applications. On-blockchain platforms suffer from scalability, performance, transaction costs and other limitations. Off-blockchain platforms are afflicted by drawbacks due to their dependence on single trusted third parties. We argue that in several application areas, hybrid platforms composed from the integration of on- and off-blockchain platforms are more able to support smart contracts that deliver the desired quality of service (QoS). Hybrid architectures are largely unexplored. To help cover the gap, in this paper we discuss the implementation of smart contracts on hybrid architectures. As a proof of concept, we show how a smart contract can be split and executed partially on an off-blockchain contract compliance checker and partially on the Rinkeby Ethereum network. To test the solution, we expose it to sequences of contractual operations generated mechanically by a contract validator tool. Comment: 12 pages, 7 figures

    Trust-Based Protection of Software Component Users and Designers

    Software component technology supports the cost-effective design of applications suited to the particular needs of the application owners. This design method, however, causes two new security risks. First, a malicious component may attack the application incorporating it. Second, an application owner may falsely incriminate a component designer for damage in his application that was in reality caused by somebody else. The first risk is addressed by security wrappers that control the behavior at the component interface at runtime and enforce certain security policies in order to protect the other components of the application against attacks from the monitored component. Moreover, we use trust management to reduce the significant performance overhead of the security wrappers. Here, the kind and intensity of monitoring a component is adjusted according to the experience of other users with this component. Therefore, a so-called trust information service collects positive and negative experience reports of the component from various users.

    Foundations of B2B electronic contracting

    Nowadays, flexible electronic cooperation paradigms are required for core business processes to meet the speed and flexibility requirements dictated by fast-changing markets. These paradigms should include the functionality to establish the formal business relationship required by the importance of these core processes. The business relationship should be established in an automated, electronic way in order to match the speed and flexibility requirements mentioned above. As such, it should considerably improve on the ineffectiveness and inefficiency of traditional contracting in this context. The result of the establishment should be a detailed electronic contract that contains a complete specification of the intended cooperation between organizations. Electronic contracts should contain a precise and unambiguous specification of the collaboration at both the conceptual and technological level. Existing commercial software solutions for business-to-business contracting provide a low level of automation and concentrate solely on the automated management of the contract enactment. However, in modern, dynamic business settings, an e-contracting system has to support high automation of e-contract establishment, enactment, and management. In the thesis, the business, legal, and technological requirements for the development of a highly automated e-contracting system are investigated. Models that satisfy these requirements and that can be used as a foundation for the implementation of an electronic contracting system are defined. First, the thesis presents the business benefits introduced to companies by highly automated electronic contracting. Next, a data and process analysis of electronic contracting is presented. The specification of electronic contracts and the required process support for electronic contract establishment and enactment are investigated. 
The business benefits and data and process models defined in the thesis are validated on the basis of two business cases from on-line advertising, namely the cases of online advertising in "De Telegraaf" and "Google". Finally, the thesis presents a specification of the functionalities that must be provided by an e-contracting system. A conceptual reference architecture that can be used as a starting point in the design and implementation of an electronic contracting system is defined. The work in the thesis is conducted on the intersection of the scientific areas of conceptual information and process modeling and specification on the one hand and distributed information system architecture modeling on the other hand

    Monitoring Multi-Party Contracts for E-Business.

    "Monitoring Multi-party Contracts for E-business" investigates the issues involved in the performance of e-contract monitoring of business automations in a business-to-business e-commerce environment. A pro-active monitoring contract model and monitoring mechanism have been designed and developed. A new architecture and framework is proposed for pro-active monitorable contracts. This pro-active monitoring contract model is supported by a prototype.

    Interoperability of DRM Systems

    The study deals with the cutting-edge subject of electronic contracts which have the potential to automatically process and control the access rights for (electronic) goods. It shows the design and the implementation of a rights expression exchange framework. The framework allows DRM systems to exchange electronic contracts, formulated in a standardized rights expression language, and thus provides DRM system interoperability. The work introduces a methodology for the standardized composition, exchange and processing of electronic contracts or rights expressions

    Automatic negotiation of multi-party contracts in agricultural supply chain

    Advisor: Edmundo Roberto Mauro Madeira. Thesis (doctorate), Universidade Estadual de Campinas, Instituto de Computação. Abstract: An agricultural supply chain comprises several kinds of actors that establish a complex net of relationships. These relationships may range from ad hoc and short-lasting ones to highly structured and long-lasting ones. This kind of chain has a few particularities, such as strict regulations and cultural influences, and is of considerable economic and social importance. Contracts are the natural way of expressing relationships among members of a chain. Thus, the contracts and the activity of negotiating them are of major importance within a supply chain. 
This thesis proposes a model for agricultural supply chains that seamlessly integrates their main features, including their structure and their dynamics. Specifically, the thesis proposes a multi-party contract format and a negotiation protocol that builds such contracts. Multi-party contracts are important in this context because several actors of a supply chain may build alliances comprising mutual rights and obligations. A set of bilateral contracts is not well suited for such a purpose. The thesis also presents an implementation of the negotiation protocol that builds on Web services and a workflow engine (YAWL). Doctorate. Computer Systems. Doctor of Computer Science.

    Access control for networks and large distributed critical infrastructures (Le contrôle d'accès des réseaux et grandes infrastructures critiques distribuées)

    The stability and development of nations depend heavily on their Critical Infrastructures (CI). Given their importance, their information systems, also called Critical Information Infrastructures (CII), face many threats, among them attacks on the integrity of their data and computerized processes, and abuses that may occur during collaborations with other parties. The integrity of information, which is its property of not being altered, is essential for CIIs because they handle and generate information that must be correct and reliable. In a context of globalization and openness, CIs cannot evolve without collaborating with their environment. This is not without risk, however, since the resources they commit may be subject to corruption and sabotage. Seeking to reduce the risks of corruption arising from inside as well as outside, we worked on improving the access control mechanism. Indispensable, it aims to limit the actions that legitimate users of the system may perform, in accordance with the organization's security policy. The relevance and granularity of that policy greatly affect the effectiveness of the mechanism. Access control models are therefore used to ease the expression and administration of such policies. OrBAC is a rich and dynamic model that satisfies several needs of CIIs, but it remains limited in its handling of integrity, in both localized and distributed contexts. We therefore proposed an extension of OrBAC for localized environments, Integrity-OrBAC (I-OrBAC), which takes real integrity-related constraints into account when deciding on access requests. 
I-OrBAC incorporates parameters derived from applying risk analysis methods in order to reflect the needs of passive resources and to assess subjects' clearances at their true value. This led us to a multi-level integrity model that favours the prioritization of sensitive assets, as stipulated by CI protection programmes. In I-OrBAC, integrity levels serve both to constrain the assignment of privileges and to make it more flexible: these levels restrict access to guarantee that only experienced users access sensitive resources, but also allow subjects in different roles to carry out the same task, subject of course to different threshold levels. To make I-OrBAC proactive, that is, not limited to deciding on access requests, we proposed an algorithm that determines the most suitable subject, among the priority roles, to carry out a task without waiting for subjects to request it. The algorithm is described by an inference system to make it easier to understand while supporting logical reasoning and the derivation of conclusions. We proposed an implementation of our model as part of a case study drawn from the European FP7 project CRUTIAL on electricity transmission and distribution networks. Finally, to address the problems arising from collaborations, we used electronic contracts to extend I-OrBAC to distributed environments: the Distributed IOrBAC (DI-OrBAC) extension. These agreements serve not only to define the context, the clauses and the activities to be carried out, but also to prevent disputes and to resolve them. However, we had to design mechanisms adapted to our I-OrBAC model for their negotiation and enforcement.

    Introducing norms into practical reasoning agents

    As distributed electronic systems grow to include thousands of components, from grid to peer-to-peer nodes, from (Semantic) Web services to web-apps to computation in the cloud, governance of such systems is becoming a real challenge. Modern approaches ensuring appropriate individual entities' behaviour in distributed systems, which come from multi-agent systems (MAS) research, use norms (or regulations or policies) and/or communication protocols to express a different layer of desired or undesired states. From the individual's perspective, an agent needs to be able to function in an environment where norms act as behavioural restrictions or guidelines as to what is appropriate, not only for the individual but also for the community. In the literature the concept of norms has been defined from several perspectives: as a rule or standard of behaviour shared by members of a social group, as an authoritative rule or standard by which something is judged, approved or disapproved, as standards of right and wrong, beauty and ugliness, and truth and falsehood, or even as a model of what should exist or be followed, or an average of what currently does exist in some context. Currently there exist in the literature: 1) some treatments that formally connect the deontic aspects of norms with their operationalisation; 2) some treatments that properly distinguish between abstract norms and their (multiple) instantiations at runtime; 3) little work that formalises the operational semantics in a way that ensures flexibility in their translation to actual implementations while ensuring unambiguous interpretations of the norms; 4) little work that is suitable for both institutional-level norm monitoring and individual agent norm-aware reasoning to ensure that both are aligned; 5) few works that explore how the norms may affect the decision making process of an agent when the process includes planning mechanisms at runtime for means-ends reasoning. 
However, currently there is no work that includes both a formalism and an implementation covering 1-5 altogether. This thesis presents work towards the above five areas. We give a proposal to bridge the gap between a single norm formalisation and the actual mechanisms used for norm-aware planning, in order to create a normative practical reasoning mechanism. One way to do this is by reducing deontic-based norm definitions to temporal logic formulas which, in turn, can be translated into planning operational semantics. Based on these semantics, we create a mechanism to support practical normative reasoning that can be used by agents to produce and evaluate their plans. We construct a norm-oriented agent that takes into consideration operationalised norms during the plan generation phase, using them as guidelines to decide the agent's future action path. To make norms influence plan generation, our norm operational semantics is expressed as an extension of the planning domain, acting as a form of temporal restrictions over the trajectories (plans) computed by the planner. We consider two approaches to do so. One implements the semantics by using planning with constraints through paths, and the other directly translates the norms into domain knowledge to be included in the planning domain. We explore a scenario based on traffic laws in order to demonstrate the usability of our proposal. We also show how our normative frameworks are successfully integrated into an existing BDI agent implementation, 2APL. For each approach taken, we present quantitative experimental results and illustrate the opportunities for further research.

    Discretionary Enforcement Of Electronic Contracts

    As in traditional commerce, parties to a contract in e-business environments are expected to operate in good faith and comply with the mutually agreed terms of the contract. It may be the case, however, that deviations from the agreed contract obligations occur, either intentionally or due to force majeure. We argue that there is value in providing various levels of automated support to deal with contract non-compliance in e-marketplaces in order to reach the best overall outcome for all parties. This includes monitoring contract-significant events, simple notifications to the parties about non-compliance events and a range of enforcement mechanisms. These mechanisms can be either nondiscretionary (as in preventive security mechanisms) or discretionary, which rely on a number of control mechanisms that are applied when contract rules are violated. We describe a number of such control mechanisms and how they can be used to extend the capabilities of a contract management architecture previously developed.