The Community for Technology Leaders
Green Image
Issue No. 05 - Sept.-Oct. (2017 vol. 14)
ISSN: 1545-5971
pp: 478-493
Basit Shafiq , Department of Computer Science, Lahore University of Management Sciences, Pakistan
Sameera Ghayyur , Department of Computer Science, Lahore University of Management Sciences, Pakistan
Ammar Masood , Department of Avionics Engineering, Air University, Pakistan
Zahid Pervaiz , ECE, Purdue University, West Lafayette, IN
Abdulrahman Almutairi , Collage of Computer and information Sciences, King Saud University, Saudi Arabia
Farrukh Khan , Computer Science Department, Texas Southern University, Houston, TX
Arif Ghafoor , School of Electrical and Computer Engineering, Purdue University, West Lafayette, IN
ABSTRACT
The emergence of cloud computing infrastructure and Semantic Web technologies has created unprecedented opportunities for composing large-scale business processes and workflow-based applications that span multiple organizational domains. A key challenge related to composition of such multi-organizational business processes and workflows is posed by the security and access control policies of the underlying organizational domains. In this paper, we propose a framework for verifying secure composability of distributed workflows in an autonomous multi-domain environment. The objective of workflow composability verification is to ensure that all the users or processes executing the designated workflow tasks conform to the time-dependent security policy specifications of all collaborating domains. A key aspect of such verification is to determine the time-dependent schedulability of distributed workflows, assumed to be invoked on a recurrent basis. We use a two-step approach for verifying secure workflow composability. In the first step, a distributed workflow is decomposed into domain-specific projected workflows and is verified for conformance with the respective domain's security and access control policy. In the second step, the cross-domain dependencies amongst the workflow tasks performed by different collaborating domains are verified.
INDEX TERMS
Business, Unified modeling language, Authorization, Indexes, Computers
CITATION

B. Shafiq et al., "Composability Verification of Multi-Service Workflows in a Policy-Driven Cloud Computing Environment," in IEEE Transactions on Dependable and Secure Computing, vol. 14, no. 5, pp. 478-493, 2017.
doi:10.1109/TDSC.2015.2481881
1117 ms
(Ver 3.3 (11022016))