Paper on dynamic binding of roles to actors in blockchain-based business processes, presented at the 31st International Conference on Advanced Information Systems Engineering (CAiSE'2019), 5-7 June 2019. Papper available at https://arxiv.org/pdf/1812.02909.pdf
Stunning ➥8448380779▻ Call Girls In Panchshil Enclave Delhi NCR
Dynamic Role Binding in Blockchain-Based Collaborative Business Processes
1. Dynamic Role Binding in Blockchain-Based
Collaborative Business Processes
Orlenys López-Pintado
Marlon Dumas, Luciano García-Bañuelos, Ingo
Weber
University of Tartu, Estonia
Data61, CSIRO, Australia
June 6, 2019
4. 4
Problem
Alice’s company Bob’s company
Purchase
Goods
Ship
Goods
Carrier
Carrier
Carol’s company
TRUS
T
Alice
Bob
Collaborative Process
5. 5
Problem
Alice’s company Bob’s company
Purchase
Goods
Ship
Goods
Carrier
LACK OF TRUST
Collaborative Process
ACTORS CHANGE DYNAMICALLY
TRUST RELATIONS CHANGE
DYNAMICALLY
Dave’s company Carol’s companyWendy’s company
6. 6
Background & Related Work
BLOCKCHAIN
P2P Network No Central Authority
Untrusted Parties
Append only chain
Each node stores a copy
Consensus
Validate Transactions
Create/Validate Blocks
Proof of Work
Smart Contracts
Blockchain-based Process Management Tools
Lorikeet
Caterpillar Mainly Control-Flow
Static Access Control
DYNAMIC BINDINGS
7. 7
Background & Related
WorkBinding/Delegation Models for Collaborative Processes
* Web Service Composition
- Partner links
- Process orchestrated by a single entity
- Business Process Execution Language
(BPEL)
* Process not orchestrated by a single entity
- Each role controlled by a single actor
- Re-biding not supported
* Delegation/Revocation schemas
TRUST
DYNAMIC ROLE BINDING IN DECENTRALIZED
PROCESSES,
MULTIPLE ACTORS MUST COLLABORATIVELY
AGREE
DURING THE PROCESS EXECUTION (AT RUNTIME)
DYNAMIC BINDINGS
What to do ?
8. 8
Role Binding Model
Customer Supplier
Task * 1 Role
Role 1 1 Actor per (sub-)process instance
All assignments in sub-scopes stored
in a set
User Group
System
IoT
Blockchain
Account/identity
11. 11
Policy Consistency
N E
A is case-creator;
A nominates B;
A nominates C;
C nominates D, endorsed-by A and B;
uA nA bA
N E
uB nB bB
N E
uC nC bC
N E
uD nD bD
A & B
N
N
E
E
N
A & B
E
NO DEADLOCKS
12. 12
Smart Contract Generation
Policy Compiler Caterpillar Compiler
Worklist Handler
BindingPolicy
TaskRoleMap
BindingAccessControl
canNominate
Nominator (Supplier) index 3,
nMask (nominees {Candidate, Carrier}) = 6 [00000110]
assertNConstraint
(A and B) or (C) or ..,
Bit Sets
13. 13
Smart Contract Generation
Policy Compiler
BindingPolicy
assertNVote
Bit Sets
BOUND if all the roles in at least a conjunction set, namely CS,
endorsed the nomination, i.e., (endorsedBy | endorserRole) & CS == CS,
UNBOUND if in each conjunction set contains at least one role rejected
the nomination, i.e., for each CS, (rejectedBy | endorserRole) & CS != 0
Conjunction set: A and B and …
NOMINATED if none of the previous conditions are fulfilled yet, i.e.,
at least one conjunction set with no rejections and roles pending to
vote
14. 14
Experiments
How does the cost (in gas/ether) of enforcing a binding policy increase
depending on the size and complexity of the policy statements?
1. How do the costs of deploying the generated smart contracts vary
with the size of the policy?
2. How do the costs of executing the runtime operations vary
with the size of the policy?
3. How does the combined cost of enforcing a process model and a
binding policy varies with the size of the model?
15. 15
Experiments
Experiments vary different parameters:
• E1: Varied number of nomination statements from 1 to 40; no
binding or endorsement constraints.
• E2: 40 statements, pick one, and gradually increased the size of the
conjunction set in its binding constraint from 1 to 40
• E3: 40 statements, then gradually add a binding constraint with one
conjunction set to each of the 40 statements.
• E4: 40 statements, pick one, and gradually increased the size of the
conjunction set in its endorsement constraint from 1 to 40
• E5: 40 statements, then gradually add an endorsement constraint
with one conjunction set to each of the 40 statements.
17. 17
Experiment Results
2. How do the costs of executing the runtime operations vary with the
size of the policy?
3. How does the combined cost of enforcing a process model and a
binding policy varies with the size of the model?
BindingAccessControl: 1,340,098 gas
BindingPolicy: 154,167 to 1,803,898
gasTaskRoleMap: 129,539 to 241,114 gas
18. 18
Conclusion
Role Binding Model and a Binding Policy Language that support
collaborative binding and unbinding of actors to roles at runtime.
Method to verify the consistency of policies.
Approach to compile the policies into smart contracts.
Access Control implemented in Caterpillar (open source).
Experiments (throughput): costs grow linearly with the number of
roles and the complexity of the constraints.
Future Work Validate the approach via more
thorough experiments and case studies.
Study the applicability of this approach to other blockchain applications,
e.g. in crowdsourcing and computer-supported collaborative work
scenarios