Specification and execution of transactional workflows
Modern database systems
An overview of workflow management: from process modeling to workflow automation infrastructure
Distributed and Parallel Databases - Special issue on software support for work flow management
RBAC '97 Proceedings of the second ACM workshop on Role-based access control
Modeling and Analysis of Workflows Using Petri Nets
Journal of Intelligent Information Systems - Special issue on workflow management systems
From Centralized Workflow Specification to Distributed WorkflowExecution
Journal of Intelligent Information Systems - Special issue on workflow management systems
JFlow: practical mostly-static information flow control
Proceedings of the 26th ACM SIGPLAN-SIGACT symposium on Principles of programming languages
Mobile Agents and Security
A Formal Foundation for Distributed Workflow Execution Based on State Charts
ICDT '97 Proceedings of the 6th International Conference on Database Theory
Formal aspects of mobile code security
Formal aspects of mobile code security
Mostly-static decentralized information flow control
Mostly-static decentralized information flow control
Domain Knowledge-Based Automatic Workflow Generation
DEXA '02 Proceedings of the 13th International Conference on Database and Expert Systems Applications
Recent advances in access control models
Das'01 Proceedings of the fifteenth annual working conference on Database and application security
Synchronization analysis for decentralizing composite Web services
Proceedings of the 2003 ACM symposium on Applied computing
Role-based authorizations for workflow systems in support of task-based separation of duty
Journal of Systems and Software
Preventing information leakage within workflows that execute among competing organizations
Journal of Systems and Software - Special issue: Software engineering education and training
Dynamic composition of workflows for customized eGovernment service delivery
dg.o '02 Proceedings of the 2002 annual national conference on Digital government research
ASIACCS '06 Proceedings of the 2006 ACM Symposium on Information, computer and communications security
Access control in collaborative commerce
Decision Support Systems
Dynamic workflow model fragmentation for distributed execution
Computers in Industry
Chinese-wall process confinement for practical distributed coalitions
Proceedings of the 12th ACM symposium on Access control models and technologies
Web services discovery in secure collaboration environments
ACM Transactions on Internet Technology (TOIT)
Workflow authorisation in mediator-free environments
International Journal of Security and Networks
The implementation and evaluation of a recovery system for workflows
Journal of Network and Computer Applications
Synchronisation in Trust Management Using Push Authorisation
Electronic Notes in Theoretical Computer Science (ENTCS)
An access control model for mobile physical objects
Proceedings of the 15th ACM symposium on Access control models and technologies
An approach for implementation of RBAC models with context constraint to business process systems
ACOS'06 Proceedings of the 5th WSEAS international conference on Applied computer science
InDico: information flow analysis of business processes for confidentiality requirements
STM'10 Proceedings of the 6th international conference on Security and trust management
Efficient authentication of electronic document workflow
CISC'05 Proceedings of the First SKLOIS conference on Information Security and Cryptology
WAC'04 Proceedings of the First international IFIP conference on Autonomic Communication
A dead-lock free self-healing algorithm for distributed transactional processes
ICISS'06 Proceedings of the Second international conference on Information Systems Security
Traceability and integrity of execution in distributed workflow management systems
ESORICS'07 Proceedings of the 12th European conference on Research in Computer Security
Automatic information flow analysis of business process models
BPM'12 Proceedings of the 10th international conference on Business Process Management
Least-restrictive enforcement of the Chinese wall security policy
Proceedings of the 18th ACM symposium on Access control models and technologies
Hi-index | 0.00 |
Workflow systems are gaining importance as an infrastructure for automating inter-organizational interactions, such as those in Electronic Commerce. Execution of inter-organiz-ational workflows may raise a number of security issues including those related to conflict-of-interest among competing organizations. Moreover, in such an environment, a centralized Workflow Management System is not desirable because: (i) it can be a performance bottleneck, and (ii) the systems are inherently distributed, heterogeneous and autonomous in nature. In this paper, we propose an approach to realize decentralized workflow execution, in which the workflow is divided into partitions called self-describing workflows, and handled by a light weight workflow management component, called workflow stub, located at each organizational agent. We argue that placing the task execution agents that belong to the same conflict-of-interest class in one self-describing workflow may lead to unfair, and in some cases, undesirable results, akin to being on the wrong side of the Chinese wall. We propose a Chinese wall security model for the decentralized workflow environment to resolve such problems, and a restrictive partitioning solution to enforce the proposed model.