Ecole d'ingénieur et centre de recherche en Sciences du numérique

Traceability and integrity of execution in distributed workflow management systems

Montagut, Frédéric;Molva, Refik

ESORICS 2007, 12th European Symposium On Research In Computer Security, September 24-26, 2007, Dresden, Germany

The execution of business processes in the decentralized setting raises security requirements due to the lack of a dedicated infrastructure in charge of management and control tasks. Basic security features including compliance of the overall sequence of workflow operations with the pre-defined workflow execution plan or traceability become critical issues that are yet to be addressed. In this paper, we suggest new security mechanisms capitalizing on onion encryption and group encryption techniques in order to assure the integrity of the distributed execution of workflows and to manage traceability with respect to sensitive workflow instances. We carry out an in depth analysis of the security properties offered by these mechanisms. Our solution can easily be integrated into distributed workflow management systems as its design is strongly coupled with the runtime specification of decentralized workflows.

Document Doi Bibtex

Titre:Traceability and integrity of execution in distributed workflow management systems
Mots Clés:Integrity of execution;Traceability;Decentralized workflows
Type:Conférence
Langue:English
Ville:Dresden
Pays:ALLEMAGNE
Date:
Département:Sécurité numérique
Eurecom ref:2254
Copyright: © Springer. Personal use of this material is permitted. The definitive version of this paper was published in ESORICS 2007, 12th European Symposium On Research In Computer Security, September 24-26, 2007, Dresden, Germany and is available at : http://dx.doi.org/10.1007/978-3-540-74835-9_17
Bibtex: @inproceedings{EURECOM+2254, doi = {http://dx.doi.org/10.1007/978-3-540-74835-9_17}, year = {2007}, title = {{T}raceability and integrity of execution in distributed workflow management systems}, author = {{M}ontagut, {F}r{\'e}d{\'e}ric and {M}olva, {R}efik}, booktitle = {{ESORICS} 2007, 12th {E}uropean {S}ymposium {O}n {R}esearch {I}n {C}omputer {S}ecurity, {S}eptember 24-26, 2007, {D}resden, {G}ermany}, address = {{D}resden, {ALLEMAGNE}}, month = {09}, url = {http://www.eurecom.fr/publication/2254} }
Voir aussi: