Pervasive workflows: architecture, reliability and security

With the emergence of the Internet, electronic commerce and Web-based applications have become the standard support for Business-to-Business and Business-to-Costumer collaborations. The concept of workflow or business process has been the main enabler concept for such collaborative applications. Workflow technologies indeed make it possible to leverage the functionalities of multiple service providers to build value-added services. Typical business processes however rely on a centralized coordinator that is in charge of assuring the management and the control tasks of the process execution. New trends in collaborative business applications call for flexibility to enable for instance the execution of business collaborations that can be built on the fly without the need of a dedicated coordination infrastructure. As a result, the usual centralized coordination paradigm is no longer suitable to adequately support the execution of most recent business applications. In this dissertation we present a decentralized workflow management system to overcome this limitation. The main contribution of this thesis is the design and implementation of a full-fledged decentralized workflow management system. The workflow architecture denoted pervasive workflow architecture that we developed supports the execution of business processes in environments whereby computational resources offered by each business partner can potentially be used by any party within the surroundings of that business partner. It also features the runtime assignment of business partners to workflow tasks in order to provide the adequate flexibility to support dynamic collaborations of business partners. This flexibility however comes at the expense of security and reliability and introduces new research challenges as opposed to usual workflow management systems in terms of security and fault management. To cope with the latter, we first propose an adaptive transactional protocol to support the execution of pervasive workflows. This transactional protocol features an algorithm enabling the selection of partners not only according to functional requirements but also to transactional ones. Besides, we introduce new security mechanisms capitalizing on onion encryption techniques and security policy models in order to assure the integrity of the pervasive workflow execution and to prevent workflow instance forging.