Title :
Towards security in decentralized workflows
Author :
Velikova, Zaharina ; Schütte, Julian ; Kuntze, Nicolai
Author_Institution :
Fraunhofer Inst. for Secure Inf. Technol. (SIT), Darmstadt, Germany
Abstract :
In decentralized workflows no single point of control exists, instead, the workflow specification itself travels from service to service. Every service must thus be able to understand, process and forward a token called a process slip. Such a process slip is a digital representation of what is traditionally used in paper-based workflows. In previous work we have sketched a workflow execution mechanism which involves the usage of a digital process slip. However, there we have only described possible techniques which can guarantee the secure execution of a workflow in a distributed environment but it is not clear yet how cryptographic operations have to be applied to it in order to actually fulfill the security requirements. In this paper we give an example how this mechanism can be applied to an example scenario of booking and accounting a business trip. We will also demonstrate how our container can be used for specifying step-based policy rules and how additional security properties such as traceability and anonymity can be ensured.
Keywords :
bookkeeping; security of data; workflow management software; accounting scenario; booking scenario; cryptographic operation; decentralized workflow; digital process slip; paper based workflow; workflow execution mechanism; workflow secured execution; Access control; Containers; Contracts; Cryptography; Data security; Information security; Information technology; Mechanical factors; Runtime; Workflow management software;
Conference_Titel :
Ultra Modern Telecommunications & Workshops, 2009. ICUMT '09. International Conference on
Conference_Location :
St. Petersburg
Print_ISBN :
978-1-4244-3942-3
Electronic_ISBN :
978-1-4244-3941-6
DOI :
10.1109/ICUMT.2009.5345606
