Recovering from malicious attacks in workflow systems

Authors:
Yajie Zhu;Tai Xin;Indrakshi Ray
Affiliations:
Department of Computer Science, Colorado State University;Department of Computer Science, Colorado State University;Department of Computer Science, Colorado State University
Venue:
DEXA'05 Proceedings of the 16th international conference on Database and Expert Systems Applications
Year:
2005

Citing 7
Cited 3

Concurrency control and recovery in database systems

Concurrency control and recovery in database systems
FlowBack: providing backward recovery for workflow management systems

SIGMOD '98 Proceedings of the 1998 ACM SIGMOD international conference on Management of data
Recovery from Malicious Transactions

IEEE Transactions on Knowledge and Data Engineering
Recovery in Distributed Extended Long-lived Transaction Models

DASFAA '99 Proceedings of the Sixth International Conference on Database Systems for Advanced Applications
Workflow Recovery

COOPIS '96 Proceedings of the First IFCIS International Conference on Cooperative Information Systems
Multi-Version Attack Recovery for Workflow Systems

ACSAC '03 Proceedings of the 19th Annual Computer Security Applications Conference
Evaluating damage from cyber attacks: a model and analysis

IEEE Transactions on Systems, Man, and Cybernetics, Part A: Systems and Humans

When does a workflow complete?

Computer Standards & Interfaces
On the completion of workflows

DEXA'06 Proceedings of the 17th international conference on Database and Expert Systems Applications
A systematic review on security in Process-Aware Information Systems - Constitution, challenges, and future directions

Information and Software Technology

Quantified Score

Hi-index	0.00

Visualization

Abstract

Workflow management systems (WFMS) coordinate execution of logically related multiple tasks in an organization. Such coordination is achieved through dependencies that are specified between the tasks of a workflow. Often times preventive measures are not enough and a workflow may be subjected to malicious attacks. Traditional workflow recovery mechanisms do not address how to recover from malicious attacks. Database survivability techniques do not work for workflow because tasks in a workflow have dependencies that are not present in traditional transaction processing systems. In this paper, we present an algorithm that shows how we can assess and repair the effects of damage caused by malicious tasks. Our algorithm focuses not only on restoring the consistency of data items by removing the effects of malicious tasks but also takes appropriate actions to ensure the satisfaction of task dependencies among all the committed tasks.