Traceability and integrity of execution in distributed workflow management systems

The execution of business processes in the decentralized setting raises security requirements due to the lack of a dedicated infrastructure in charge of management and control tasks. Basic security features including compliance of the overall sequence of workflow operations with the pre-defined workflow execution plan or traceability become critical issues that are yet to be addressed. In this paper, we suggest new security mechanisms capitalizing on onion encryption and group encryption techniques in order to assure the integrity of the distributed execution of workflows and to manage traceability with respect to sensitive workflow instances. We carry out an in depth analysis of the security properties offered by these mechanisms. Our solution can easily be integrated into distributed workflow management systems as its design is strongly coupled with the runtime specification of decentralized workflows.