Authorization and User Failure Resiliency for WS-BPEL Business Processes

Authors:
Federica Paci;Rodolfo Ferrini;Yuqing Sun;Elisa Bertino
Affiliations:
Cerias and Computer Science Department, Purdue University,;Department of Computer Science, University of Bologna,;School of Computer Science and Technology (SCST), Shandong University,;Cerias and Computer Science Department, Purdue University,
Venue:
ICSOC '08 Proceedings of the 6th International Conference on Service-Oriented Computing
Year:
2008

Citing 3
Cited 2

An access control framework for business processes for web services

Proceedings of the 2003 ACM workshop on XML security
Verifying BPEL workflows under authorisation constraints

BPM'06 Proceedings of the 4th international conference on Business Process Management
Satisfiability and resiliency in workflow systems

ESORICS'07 Proceedings of the 12th European conference on Research in Computer Security

Integrating constraints to support legally flexible business processes

Information Systems Frontiers
Security-aware web service composition approaches: state-of-the-art

Proceedings of the 13th International Conference on Information Integration and Web-based Applications and Services

Quantified Score

Hi-index	0.00

Visualization

Abstract

We investigate the problem of WS-BPEL processes resiliency in RBAC-WS-BPEL, an authorization model for WS-BPEL that supports the specification of authorizations for the execution of WS-BPEL process activities by roles and users and authorization constraints, such as separation and binding of duty. The goal of resiliency is to guarantee that even if some users becomes unavailable during the execution of a WS-BPEL process, the remaining users can still complete the execution of the process. We extend RBAC-WS-BPEL with a new type of constraints called resiliency constraints and the notion of user failure resiliency for WS-BPEL processes and propose an algorithm to determine if a WS-BPEL process is user failure resilient.