Preventing information leakage within workflows that execute among competing organizations
Journal of Systems and Software - Special issue: Software engineering education and training
Specifying and using intrusion masking models to process distributed operations
Journal of Computer Security
The implementation and evaluation of a recovery system for workflows
Journal of Network and Computer Applications
Recovering from malicious attacks in workflow systems
DEXA'05 Proceedings of the 16th international conference on Database and Expert Systems Applications
A dead-lock free self-healing algorithm for distributed transactional processes
ICISS'06 Proceedings of the Second international conference on Information Systems Security
Hi-index | 0.00 |
Workflow systems are popular in daily business processing. Since vulnerabilities cannot be totally removed from asystem, recovery from successful attacks is unavoidable. Inthis paper, we focus on attacks that inject malicious tasksinto workflow management systems. We introduce practical techniques for on-line attack recovery, which includerules for locating damage and rules for execution order.In our system, an independent Intrusion Detection Systemreports identified malicious tasks periodically. The recovery system detects all damage caused by the malicious tasksand automatically repairs the damage according to dependency relations. Without multiple versions of data objects,recovery tasks may be corrupted by executing normal taskswhen we try to run damage analysis and normal tasks concurrently. This paper addresses the problem by introducing multi-version data objects to reduce unnecessary blocking of normal task execution and improve the performanceof the whole system. We analyze the integrity level and performance of our system. The analytic results demonstrateguidelines for designing such kinds of systems.