4,777 research outputs found
Enforcing reputation constraints on business process workflows
The problem of trust in determining the flow of execution of business processes has been in the centre of research interst in the last decade as business processes become a de facto model of Internet-based commerce, particularly with the increasing popularity in Cloud computing. One of the main mea-sures of trust is reputation, where the quality of services as provided to their clients can be used as the main factor in calculating service and service provider reputation values. The work presented here contributes to the solving of this problem by defining a model for the calculation of service reputa-tion levels in a BPEL-based business workflow. These levels of reputation are then used to control the execution of the workflow based on service-level agreement constraints provided by the users of the workflow. The main contribution of the paper is to first present a formal meaning for BPEL processes, which is constrained by reputation requirements from the users, and then we demonstrate that these requirements can be enforced using a reference architecture with a case scenario from the domain of distributed map processing. Finally, the paper discusses the possible threats that can be launched on such an architecture
Recommended from our members
KWM: Knowledge-based Workflow Model for agile organization
The workflow management system (WFMS) in an agile organization should be highly adaptable to the frequent organizational changes. To increase the adaptability of contemporary WFMSs, a mechanism for managing changes within the organizational structure and changes in business rules needs to be reinforced. In this paper, a knowledge-based approach for workflow modeling is proposed, in which a workflow is defined as a set of business rules. Knowledge on the organizational structure and special workflow, such as role/actor mappings and complex routing rules, can be explicitly modeled in KWM (Knowledge-based Workflow Model).
Using knowledge representation scheme and dependency management facility, a change propagation mechanism is provided to adapt to the frequent changes in the organizational structure, business rules, and procedures
An LTL Semantics of Business Workflows with Recovery
We describe a business workflow case study with abnormal behavior management
(i.e. recovery) and demonstrate how temporal logics and model checking can
provide a methodology to iteratively revise the design and obtain a correct-by
construction system. To do so we define a formal semantics by giving a
compilation of generic workflow patterns into LTL and we use the bound model
checker Zot to prove specific properties and requirements validity. The working
assumption is that such a lightweight approach would easily fit into processes
that are already in place without the need for a radical change of procedures,
tools and people's attitudes. The complexity of formalisms and invasiveness of
methods have been demonstrated to be one of the major drawback and obstacle for
deployment of formal engineering techniques into mundane projects
A Declarative Framework for Specifying and Enforcing Purpose-aware Policies
Purpose is crucial for privacy protection as it makes users confident that
their personal data are processed as intended. Available proposals for the
specification and enforcement of purpose-aware policies are unsatisfactory for
their ambiguous semantics of purposes and/or lack of support to the run-time
enforcement of policies.
In this paper, we propose a declarative framework based on a first-order
temporal logic that allows us to give a precise semantics to purpose-aware
policies and to reuse algorithms for the design of a run-time monitor enforcing
purpose-aware policies. We also show the complexity of the generation and use
of the monitor which, to the best of our knowledge, is the first such a result
in literature on purpose-aware policies.Comment: Extended version of the paper accepted at the 11th International
Workshop on Security and Trust Management (STM 2015
Modularity for Security-Sensitive Workflows
An established trend in software engineering insists on using components
(sometimes also called services or packages) to encapsulate a set of related
functionalities or data. By defining interfaces specifying what functionalities
they provide or use, components can be combined with others to form more
complex components. In this way, IT systems can be designed by mostly re-using
existing components and developing new ones to provide new functionalities. In
this paper, we introduce a notion of component and a combination mechanism for
an important class of software artifacts, called security-sensitive workflows.
These are business processes in which execution constraints on the tasks are
complemented with authorization constraints (e.g., Separation of Duty) and
authorization policies (constraining which users can execute which tasks). We
show how well-known workflow execution patterns can be simulated by our
combination mechanism and how authorization constraints can also be imposed
across components. Then, we demonstrate the usefulness of our notion of
component by showing (i) the scalability of a technique for the synthesis of
run-time monitors for security-sensitive workflows and (ii) the design of a
plug-in for the re-use of workflows and related run-time monitors inside an
editor for security-sensitive workflows
- …