A Tool for Supporting Object-Aware Processes

Although the popularity of activity-centric process management systems (PrMS) has increased during the last decade, there still exist business processes that cannot be adequately supported by these PrMS. A common characteristic of these processes, which is neglected by current activity-centric PrMS, is their need for object-awareness; i.e., the explicit processing of business data and business objects respectively. In the PHILharmonicFlows project, characteristic properties of object-aware processes were identified and an advanced framework for their proper support was designed. In this paper, we present a proof-of-concept prototype implementing some of the fundamental concepts of the PHILharmonicFlows framework. Overall, this initiative will result in a new generation of process management technology

Modeling and enacting complex data dependencies in business processes

Enacting business processes in process engines requires the coverage of control flow, resource assignments, and process data. While the first two aspects are well supported in current process engines, data dependencies need to be added and maintained manually by a process engineer. Thus, this task is error-prone and time-consuming. In this report, we address the problem of modeling processes with complex data dependencies, e.g., m:n relationships, and their automatic enactment from process models. First, we extend BPMN data objects with few annotations to allow data dependency handling as well as data instance differentiation. Second, we introduce a pattern-based approach to derive SQL queries from process models utilizing the above mentioned extensions. Therewith, we allow automatic enactment of data-aware BPMN process models. We implemented our approach for the Activiti process engine to show applicability. Keywords: Process Modeling, Data Modeling, Process Enactment, BPMN, SQ

When Big Brother Privatizes: Commercial Surveillance, the Privacy Act of 1974, and the Future of RFID

RFID is a powerful new technology that has the potential to allow commercial retailers to undermine individual control over private information. Despite the potential of RFID to undermine personal control over such information, the federal government has not enacted a set of practicable standards to ensure that personal data does not become widely misused by commercial entities. Although some potential privacy abuses could be addressed by modifying RFID technology, this iBrief argues that it would be wise to amend the Privacy Act of 1974 so that corporations would have a statutory obligation to preserve individual anonymity and respect the privacy preferences of consumers

WS-Governance: a Policy Language for SOA Governance

The widespread use of Service Oriented Architectures (SOA) is beginning to create problems derived from the governance of said structures. To date there is not a single effective solution to solve all existing challenges to govern this type of infrastructure. This paper describes the problems encountered when designing a SOA governance solution in a real e-Government scenario. More specifically, we focus on problems related to specification and automated analysis of government policies. We propose a novel SOA governance specification model as a solution to these problems. We have named this model WS-Governance. in order to ease its adoption by SOA practitioners it: i) shares WS-Policy guidelines and is compatible with it, ii) has XML serialization as well as a plain-text one and iii) has a CSP based semantics that provides a precise description as well as facilitating the automation of some editing and WS-Governance related activities such as consistency checking

Modularity for Security-Sensitive Workflows

An established trend in software engineering insists on using components (sometimes also called services or packages) to encapsulate a set of related functionalities or data. By defining interfaces specifying what functionalities they provide or use, components can be combined with others to form more complex components. In this way, IT systems can be designed by mostly re-using existing components and developing new ones to provide new functionalities. In this paper, we introduce a notion of component and a combination mechanism for an important class of software artifacts, called security-sensitive workflows. These are business processes in which execution constraints on the tasks are complemented with authorization constraints (e.g., Separation of Duty) and authorization policies (constraining which users can execute which tasks). We show how well-known workflow execution patterns can be simulated by our combination mechanism and how authorization constraints can also be imposed across components. Then, we demonstrate the usefulness of our notion of component by showing (i) the scalability of a technique for the synthesis of run-time monitors for security-sensitive workflows and (ii) the design of a plug-in for the re-use of workflows and related run-time monitors inside an editor for security-sensitive workflows

Towards Schema Evolution in Object-aware Process Management Systems

Enterprises want to improve the lifecycle support for their businesses processes by modeling, enacting and monitoring them based on process management systems (PrMS). Since business processes tend to change over time, process evolution support is needed. While process evolution is well understood in traditional activity-centric PrMS, it has been neglected in object-aware PrMS so far. Due to the tight integration of processes and data, in particular, changes of the data and process schemes must be handled in an integrated way; i.e., the evolution of the data schema might affect the process schema and vice versa. This paper presents our overall vision on the controlled evolution of object-aware processes. Further, it discusses fundamental requirements for enabling the evolution of object-aware process schemas in PHILharmonicFlows, a framework targeting at comprehensive support of object-aware processes

Object-aware Business Processes: Properties, Requirements, Existing Approaches

Despite the increasing maturity of process management technology not all business processes are adequately supported by it. In particular, support for unstructured and knowledge-intensive processes is missing, especially since they cannot be straight-jacketed into predefined activities. A common characteristic of these processes is the role of busi-ness objects and data as drivers for process modeling and enactment. This paper elicits fundamental requirements for effectively supporting such object-aware processes; i.e., their modeling, execution and monitoring. Based on these requirements, we evaluate imperative, declarative, and data-driven process support approaches and investigate how well they support object-aware processes. We consider a tight integration of process and data as major step towards further maturation of process management technology