The Community for Technology Leaders
Green Image
Issue No. 05 - Sept.-Oct. (2017 vol. 14)
ISSN: 1545-5971
pp: 478-493
Basit Shafiq , Department of Computer Science, Lahore University of Management Sciences, Pakistan
Sameera Ghayyur , Department of Computer Science, Lahore University of Management Sciences, Pakistan
Ammar Masood , Department of Avionics Engineering, Air University, Pakistan
Zahid Pervaiz , ECE, Purdue University, West Lafayette, IN
Abdulrahman Almutairi , Collage of Computer and information Sciences, King Saud University, Saudi Arabia
Farrukh Khan , Computer Science Department, Texas Southern University, Houston, TX
Arif Ghafoor , School of Electrical and Computer Engineering, Purdue University, West Lafayette, IN
The emergence of cloud computing infrastructure and Semantic Web technologies has created unprecedented opportunities for composing large-scale business processes and workflow-based applications that span multiple organizational domains. A key challenge related to composition of such multi-organizational business processes and workflows is posed by the security and access control policies of the underlying organizational domains. In this paper, we propose a framework for verifying secure composability of distributed workflows in an autonomous multi-domain environment. The objective of workflow composability verification is to ensure that all the users or processes executing the designated workflow tasks conform to the time-dependent security policy specifications of all collaborating domains. A key aspect of such verification is to determine the time-dependent schedulability of distributed workflows, assumed to be invoked on a recurrent basis. We use a two-step approach for verifying secure workflow composability. In the first step, a distributed workflow is decomposed into domain-specific projected workflows and is verified for conformance with the respective domain's security and access control policy. In the second step, the cross-domain dependencies amongst the workflow tasks performed by different collaborating domains are verified.
Business, Unified modeling language, Authorization, Indexes, Computers

B. Shafiq et al., "Composability Verification of Multi-Service Workflows in a Policy-Driven Cloud Computing Environment," in IEEE Transactions on Dependable and Secure Computing, vol. 14, no. 5, pp. 478-493, 2017.
1117 ms
(Ver 3.3 (11022016))