The Security Framework for Workflow Management Systems
1. The Security Framework for Workflow Management Systems
Dr. Hsiao Yu-Cheng
swanky.hsiao@gmail.com
Department of Computer Science and Information Engineering
National Taiwan Normal University
3. Introduction to Workflow Management Systems (WfMSs)
Definition:
Software systems that support coordination and cooperation
among members of an organization whilst they perform
complex business tasks.
Business tasks are modeled as workflow processes that
are automated by the WfMS.
An activity is a logical step within a workflow, which includes the
information about its starting and stopping conditions.
A person who participates in the execution of an activity is called a
participant of that activity.
A workflow process instance represents a state of
execution of a workflow process definition by the
WfMS, and is usually controlled by the workflow
engine.
4. Types of Engine-based WfMSs
Centralized WfMS
Focus on executing workflow processes within a
single organization at one location in a single
workflow engine.
Distributed WfMS
Establish multiple workflow engines
Balance the load among the workflow engines as the
number of users increases.
Reduce the communication time between the participants
in the activity and the workflow engines.
5. Centralized WfMS
A workflow process is executed by a single workflow
engine that communicates with all of the participants
in the activity.
[Figure: a centralized WfMS in which one workflow engine executes activities A1 to A6 from start of workflow to end of workflow and communicates with every participant. Legend: activity, flow control edge, participant, workflow engine, process instance migration, user communication.]
6. Distributed WfMS
Multiple workflow engines in different places.
Can be used to build up the cross-enterprise WfMS that controls
the execution of cross-enterprise workflow processes.
[Figure: a distributed WfMS in which workflow engines 1, 2 and 3, connected over public networks, execute activities A1 to A6 from start of workflow to end of workflow; process instances migrate between engines and each engine communicates with its own participants. Legend: activity, flow control edge, participant, workflow engine, public network, process instance migration, user communication.]
8. Problems and Difficulties for
Engine-based WfMS in the Cloud
Security
Authentication
Refers to reliably verifying the identity of the task
execution agents.
Confidentiality
Concerns the unauthorized disclosure of information,
including the workflow specification and the workflow
instances during their execution.
Seems ok.
9. Problems and Difficulties for
Engine-based WfMS in the Cloud (Cont’d)
Security
Data integrity
Concerns the unauthorized modification of information, again
including the workflow specification as well as the data
manipulated during the execution of a workflow instance.
Nonrepudiation
Refers to a state of affairs where the purported maker of a
statement will not be able to successfully challenge the
validity of the statement or contract.
Just guaranteed by SLA?
10. Problems and Difficulties for
Engine-based WfMS in the Cloud (Cont’d)
Scalability
Reasons for a scalable WfMS in the Cloud
Participants change dynamically.
Multi-tenancy WfMS requirement.
How to store a huge number of process instances?
Traditional way:
Store and manage process instances in a relational database.
What is the appropriate form of process instances?
11. Problems and Difficulties for
Engine-based WfMS in the Cloud (Cont’d)
Cross-Enterprise
Possible only once the security and scalability
problems are solved.
The process instances should guarantee nonrepudiation.
An SLA alone seems not enough.
Other
Secured process instance migration
User-controlled migration
Process instance replication in different clouds
User-controlled replication
13. Our Solution – DRA4WfMS
Document Routing Architecture for WfMS (DRA4WfMS)
Engine-less WfMS
Supports a purely distributed operational model without needing a
workflow engine to act as a trusted centralized point of coordination.
XML-based document-routing system.
Security framework
Implements the main required security features such as
authentication, confidentiality, data integrity, and nonrepudiation.
Applying element-wise encryption and a cascade-based method to
embed digital signatures.
Dynamic security policy
Managing and controlling data accesses according to the dynamic
behavior of workflow processes.
14. Operational Models of DRA4WfMS
Basic operational model
Supports only authentication, confidentiality, data
integrity, and nonrepudiation.
Advanced operational model
Also supports workflow monitoring.
15. Basic operational model
of the DRA4WfMS
[Figure: basic operational model. Activity execution agents (AEAs) for A1, A2 and A3 pass the document from Start to End over synchronous communication; the document carries the workflow definition with a digital signature embedded by the workflow designer, and each AEA appends the execution result of its activity with a digital signature embedded by the workflow participant.]
16. Advanced operational model
of the DRA4WfMS
[Figure: advanced operational model. A secured initial DRA4WfMS document (workflow definition with a digital signature embedded by the workflow designer) is routed in steps (1) and (2) between the AEAs for A1, A2, ... and a TFC Server (Timestamp and Flow-Control Server) over synchronous communication; each execution result of an activity carries a digital signature embedded by the workflow participant and a time stamp embedded by the timestamp server.]
17. Architecture and XML-based syntax of a
DRA4WfMS document
[Figure: layout of a DRA4WfMS document. Header section: unique process id. Application definition section: workflow definition section, security definition section, and a digital signature. Activity execution result section.]
<?xml version="1.0"?>
<DRA4WfMS:DRA4WfMS xmlns:DRA4WfMS="http://www.DRA4WfMS.org/2010">
  <UID Id="X1"/>
  <APDefinition Id="X2">
    <!--Workflow Definition section-->
    <WorkflowDefinition>
      <Participants>...</Participants>
      <Activities>...</Activities>
      <Transitions>...</Transitions>
    </WorkflowDefinition>
    <!--Security definition section-->
    <SecurityDefinition>
      <SignatureKeyIssuer C=".." S=".." L=".." O=".." OU=".." CN=".."/>
      <KeyDefinitions>...</KeyDefinitions>
      <AlgorithmDefinitions>...</AlgorithmDefinitions>
      <EncryptionDefinitions>...</EncryptionDefinitions>
    </SecurityDefinition>
    <Signature Id="Y">
      ...
    </Signature>
  </APDefinition>
  <!--Activity execution result section-->
  <CERs>
    <CER Id="CER:Aid:Index">
      ...
    </CER>
    ...
  </CERs>
</DRA4WfMS:DRA4WfMS>
18. Process instance of DRA4WfMS
Each process instance contains the execution
results of previously executed activities.
Guarantees nonrepudiation.
Element-wise encryption.
Self-protected
Without requiring an access-control server.
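As an added worked example (not code from the slides or from the DRA4WfMS API), the following Python builds a document in the layout of the XML on slide 17 and embeds signatures cascade-style as slide 18 describes: each CER's signature covers the designer-signed APDefinition and every earlier CER, so altering any earlier result invalidates every later signature and the document carries its own integrity evidence without an access-control server. HMAC-SHA256 with constructed per-participant keys stands in for the public-key signatures; the element names UID, APDefinition, CERs, CER and Signature come from the slide, while the By attribute and the Result element are assumptions.

```python
import hashlib
import hmac
import xml.etree.ElementTree as ET

NS = "http://www.DRA4WfMS.org/2010"  # namespace from the slide's XML example
# Constructed keys; HMAC-SHA256 stands in for each party's public-key signature (hypothetical).
KEYS = {"designer": b"designer-key", "alice": b"alice-key", "bob": b"bob-key"}

def _sign(key, data):
    return hmac.new(key, data, hashlib.sha256).hexdigest()

def _chain_bytes(root, index):
    """Cascade input for CER `index`: the signed APDefinition, all earlier CERs, own Result."""
    h = hashlib.sha256(ET.tostring(root.find("APDefinition")))
    cers = root.find("CERs").findall("CER")
    for earlier in cers[:index]:
        h.update(ET.tostring(earlier))          # includes that CER's embedded signature
    h.update(cers[index].findtext("Result", "").encode())
    return h.digest()

def new_document(definition):
    """Secured initial document: UID plus an APDefinition signed by the workflow designer."""
    root = ET.Element(f"{{{NS}}}DRA4WfMS")
    ET.SubElement(root, "UID", Id="X1")
    apdef = ET.SubElement(root, "APDefinition", Id="X2")
    wfdef = ET.SubElement(apdef, "WorkflowDefinition")
    wfdef.text = definition
    ET.SubElement(apdef, "Signature", Id="Y").text = _sign(
        KEYS["designer"], ET.tostring(wfdef))
    ET.SubElement(root, "CERs")
    return root

def append_result(root, aid, participant, result):
    """The AEA of activity `aid` appends a CER whose signature covers the whole routing history."""
    cers = root.find("CERs")
    cer = ET.SubElement(cers, "CER", Id=f"CER:{aid}:{len(cers)}", By=participant)
    ET.SubElement(cer, "Result").text = result
    sig = _sign(KEYS[participant], _chain_bytes(root, len(cers) - 1))
    ET.SubElement(cer, "Signature").text = sig

def verify(root):
    """Return {section id: bool}; a tampered CER also breaks every later CER's signature."""
    apdef = root.find("APDefinition")
    expected = _sign(KEYS["designer"], ET.tostring(apdef.find("WorkflowDefinition")))
    status = {"APDefinition": hmac.compare_digest(apdef.findtext("Signature"), expected)}
    for i, cer in enumerate(root.find("CERs").findall("CER")):
        expected = _sign(KEYS[cer.get("By")], _chain_bytes(root, i))
        status[cer.get("Id")] = hmac.compare_digest(cer.findtext("Signature"), expected)
    return status
```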
19. Applying DRA4WfMS in a Cloud
computing environment
[Figure: the DRA4WfMS cloud system keeps a pool of DRA4WfMS documents behind portal servers. In steps (1) to (6), the AEA of A1 downloads the document from the portal servers and returns the result document, which is stored in the pool of DRA4WfMS documents, after which the AEA of A2 continues.]
21. Implementation
DRA4WfMS API
Implemented in the Java programming language.
Ready for download:
http://www.csie.ntnu.edu.tw/~ghhwang/DRA4WfMS/DRA4WfMS_EXAMPLES.zip
DRA4WfMS cloud system in the HBase database of Apache Hadoop
Stores process instances in HBase.
Provides the following operations:
Search DRA4WfMS documents
Retrieve a DRA4WfMS document
Store a DRA4WfMS document
Notify the subsequent participants
Perform workflow monitoring or statistical analyses
22. Two workflow processes for
conducting experiments
[Figure: two workflow processes, (A) and (B), each starting from an initial document: activity A, an AND-split into B1 and B2, an AND-join, then C and D, with the condition labels "Accept" and "Attachment is insufficient"; process (B) additionally routes through a TFC Server. Legend: start of workflow, end of workflow, activity, connection edge, condition, TFC Server.]
24. Result parameters for the workflow
shown in Fig. B
: Time required to decrypt and verify signatures in the AEA and TFC server (in seconds)
: Time required to encrypt and embed signatures in the AEA (in seconds)
: Time required to encrypt and embed signatures in the TFC server (in seconds)
: Size of the generated file (in bytes)
26. Conclusion
We propose a secure WfMS for the cloud computing
environment.
Document Routing Architecture for WfMS (DRA4WfMS)
Does not require a workflow engine to control the execution of activities.
Avoids the security problems that may arise in engine-based distributed WfMSs.
Element-wise encryption and cascade-based method of embedding digital
signatures
Make DRA4WfMS documents self-protected without requiring an access-control server.
Security requirements such as authentication, confidentiality, data integrity, and
nonrepudiation do not need to rely on service-level agreements between users and cloud
service providers.
Different enterprises or organizations can simultaneously use a single
DRA4WfMS cloud system.
Easy to implement a cross-enterprise WfMS in the DRA4WfMS cloud system.