Policy-Based Verification of Distributed Workflows in a Multi-Domain Environment
Author
Basit Shafiq, Ammar Masood, and Arif Ghafoor
Tech report number
CERIAS TR 2006-14
Abstract
There is a growing need to support secure interaction among autonomous domains/systems for developing distributed applications. As domains operate according to their individual security and access control policies, supporting secure interactions among domains for distributed workflows is a complex task prone to subtle errors that can have serious security implications. In this paper we propose a framework for verifying secure composibility of distributed workflows in an autonomous multi-domain environment. The objective of workflow composibility verification is to ensure that all the users or processes executing the designated workflow tasks conform to the security policy specifications of all collaborating domains. A key aspect of such verification is to determine the time-dependent schedulability of distributed workflows, assumed to be invoked on a recurrent basis. We use a two-step approach for verifying secure workflow composibility. In the first step, a distributed workflow is decomposed into domain-specific projected workflows and is verified for conformance with the respective domain
Institution
Purdue University
School
School of Electrical and Computer Engineering
Publication Date
2001-01-01
Contents
Workflow Composition
Verification
Multi-domain systems
Subject
Policy-Based Verification of Distributed Workflows in a Multi-Domain Environment