Policy-Based Verification of Distributed Workflows in a Multi-Domain Environment

Get BibTex-formatted data

Download

PDF

Author

Basit Shafiq, Ammar Masood, and Arif Ghafoor

Tech report number

CERIAS TR 2006-14

Entry type

techreport

Abstract

There is a growing need to support secure interaction among autonomous domains/systems for developing distributed applications. As domains operate according to their individual security and access control policies, supporting secure interactions among domains for distributed workflows is a complex task prone to subtle errors that can have serious security implications. In this paper we propose a framework for verifying secure composibility of distributed workflows in an autonomous multi-domain environment. The objective of workflow composibility verification is to ensure that all the users or processes executing the designated workflow tasks conform to the security policy specifications of all collaborating domains. A key aspect of such verification is to determine the time-dependent schedulability of distributed workflows, assumed to be invoked on a recurrent basis. We use a two-step approach for verifying secure workflow composibility. In the first step, a distributed workflow is decomposed into domain-specific projected workflows and is verified for conformance with the respective domain

Download

PDF

Institution

Purdue University

Key alpha

Shafiq

School

School of Electrical and Computer Engineering

Affiliation

CERIAS

Publication Date

2001-01-01

Workflow Composition Verification Multi-domain systems

Subject

Policy-Based Verification of Distributed Workflows in a Multi-Domain Environment

BibTex-formatted data

To refer to this entry, you may select and copy the text below and paste it into your BibTex document. Note that the text may not contain all macros that BibTex supports.

@Techreport{ Shafiq,
	title = "Policy-Based Verification of Distributed Workflows in a Multi-Domain Environment",
	author = "Basit Shafiq, Ammar Masood, and Arif Ghafoor",
	institution = "Purdue University",
	school = "School of Electrical and Computer Engineering",
	abstract = "There is a growing need to support secure interaction among autonomous domains/systems for developing distributed applications. As domains operate according to their individual security and access control policies, supporting secure interactions among domains for distributed workflows is a complex task prone to subtle errors that can have serious security implications. In this paper we propose a framework for verifying secure composibility of distributed workflows in an autonomous multi-domain environment. The objective of workflow composibility verification is to ensure that all the users or processes executing the designated workflow tasks conform to the security policy specifications of all collaborating domains. A key aspect of such verification is to determine the time-dependent schedulability of distributed workflows, assumed to be invoked on a recurrent basis. We use a two-step approach for verifying secure workflow composibility. In the first step, a distributed workflow is decomposed into domain-specific projected workflows and is verified for conformance with the respective domain",
	affiliation = "CERIAS",
	contents = "Workflow Composition
Verification
Multi-domain systems",
	subject = "Policy-Based Verification of Distributed Workflows in a Multi-Domain Environment",
}

Policy-Based Verification of Distributed Workflows in a Multi-Domain Environment

Download

Author

Tech report number

Entry type

Abstract

Download

Institution

Key alpha

School

Affiliation

Publication Date

Contents

Subject

BibTex-formatted data