Enforcing integrity of execution in distributed workflow management systems

As opposed to centralized workflow management systems, the distributed execution of workflows can not rely on a trusted centralized point of coordination. As a result, this flexible decentralized setting raises specific security requirements, such as the compliance of the overall sequence of operations with the pre-defined workflow execution plan, that are not yet met by existing decentralized workflow infrastructures. In this paper, we propose new security mechanisms capitalizing on onion encryption techniques and security policy models in order to assure the integrity of the distributed execution of workflows and to prevent workflow instance forging to name a few features. These mechanisms can easily be integrated into distributed workflow management systems as our design is strongly coupled with the runtime specification of decentralized workflows.