A Workflow Criticality-Based Approach to Bypass the Workflow Satisfiability Problem

Autor: Monsef Boughrous, Hanan El Bakkali
Jazyk: angličtina
Rok vydání: 2021
Předmět:
Zdroj: Security and Communication Networks, Vol 2021 (2021)
ISSN: 1939-0114
DOI: 10.1155/2021/3330923
Popis: Workflow management systems are very important for any organization to manage and model complex business processes. However, significant work is needed to keep a workflow resilient and secure. Therefore, organizations apply a strict security policy and enforce access control constraints. As a result, the number of available and authorized users for the workflow execution decreases drastically. Thus, in many cases, such a situation leads to a workflow deadlock situation, where there no available authorized user-task assignments for critical tasks to accomplish the workflow execution. In the literature, this problem has gained interest of security researchers in the recent years, and is known as the workflow satisfiability problem (WSP). In this paper, we propose a new approach to bypass the WSP and to ensure workflow resiliency and security. For this purpose, we define workflow criticality, which can be used as a metric during run-time to prevent WSP. We believe that the workflow criticality value will help workflow managers to make decisions and start a mitigation solution in case of a critical workflow. Moreover, we propose a delegation process algorithm (DP) as a mitigation solution that uses workflow instance criticality, delegation, and priority concepts to find authorized and suitable users to perform the critical task with low-security risks.
Databáze: OpenAIRE
Externí odkaz: