The Community for Technology Leaders
Green Image
Issue No. 05 - Sept.-Oct. (2012 vol. 9)
ISSN: 1545-5971
pp: 756-769
Florian Kerschbaum , SAP Research, Karlsruhe
Hoon Wei Lim , Nanyang Technological University, Singapore
Huaxiong Wang , Nanyang Technological University, Singapore
ABSTRACT
Interorganizational workflow systems play a fundamental role in business partnerships. We introduce and investigate the concept of workflow signatures. Not only can these signatures be used to ensure authenticity and protect integrity of workflow data, but also to prove the sequence and logical relationships, such as AND-join and AND-split, of a workflow. Hence, workflow signatures can be electronic evidence useful for auditing, that is proving compliance of business processes against some regulatory requirements. Furthermore, signing keys can be used to grant permissions to perform tasks. Since the signing keys are issued on-the-fly, authorization to execute a task within a workflow can be controlled and granted dynamically at runtime. In this paper, we propose a concrete workflow signature scheme, which is based on hierarchical identity-based cryptography, to meet security properties required by interorganizational workflows.
INDEX TERMS
Business, Engines, Public key, Digital signatures, Electronic mail, security compliance., Digital signatures, applied cryptography, business processes
CITATION
Florian Kerschbaum, Hoon Wei Lim, Huaxiong Wang, "Workflow Signatures for Business Process Compliance", IEEE Transactions on Dependable and Secure Computing, vol. 9, no. , pp. 756-769, Sept.-Oct. 2012, doi:10.1109/TDSC.2012.38
205 ms
(Ver )