Post on 15-Jan-2015
The Security Framework for Workflow Management Systems
Dr. Hsiao Yu-Cheng (swanky.hsiao@gmail.com)
Department of Computer Science and Information Engineering, National Taiwan Normal University
Outline
- Introduction of Workflow Management Systems (WfMSs)
- Challenges of WfMS in the Cloud
- Our Solution
- Implementation
- Conclusion
Introduction of Workflow Management Systems (WfMSs)
Definition: software systems that support coordination and cooperation among members of an organization while they perform complex business tasks.
- Business tasks are modeled as workflow processes that are automated by the WfMS.
- An activity is a logical step within a workflow, which includes the information about its starting and stopping conditions.
- A person who participates in the execution of an activity is called a participant of that activity.
- A workflow process instance represents a state of execution of a workflow process definition by the WfMS, and is usually controlled by the workflow engine.
Types of Engine-based WfMSs
- Centralized WfMS: focuses on executing workflow processes within a single organization, at one location, in a single workflow engine.
- Distributed WfMS: establishes multiple workflow engines in order to
  - balance the load among the workflow engines as the number of users increases, and
  - reduce the communication time between the participants in an activity and the workflow engines.
Centralized WfMS
- A workflow process is executed by a single workflow engine that communicates with all of the participants in the activity.
[Figure: one workflow engine executes activities A1 to A6 from the start of the workflow to its end and communicates with every participant. Legend: activity, flow-control edge, participant, workflow engine, process instance migration, user communication.]
Distributed WfMS
- Multiple workflow engines in different places.
- Can be used to build up a cross-enterprise WfMS that controls the execution of cross-enterprise workflow processes.
[Figure: workflow engines 1, 2 and 3, connected over public networks, together execute activities A1 to A6 from the start of the workflow to its end; process instances migrate between engines. Legend: activity, flow-control edge, participant, workflow engine, process instance migration, user communication.]
Problems and Difficulties for Engine-based WfMS in the Cloud
Security
- Authentication: refers to reliably verifying the identity of the task execution agents.
- Confidentiality: refers to protection against unauthorized disclosure of information, including the workflow specification and the workflow instances during their execution.
  Seems ok.
Problems and Difficulties for Engine-based WfMS in the Cloud (Cont'd)
Security
- Data integrity: refers to protection against unauthorized modification of information, again including the workflow specification as well as the data manipulated during the execution of a workflow instance.
- Nonrepudiation: refers to a state of affairs where the purported maker of a statement will not be able to successfully challenge the validity of the statement or contract.
  Just guaranteed by SLA?
Problems and Difficulties for Engine-based WfMS in the Cloud (Cont'd)
Scalability
- Reasons for a scalable WfMS in the Cloud:
  - Participants change dynamically.
  - Multi-tenancy WfMS requirement.
- How to store a huge amount of process instances?
  - Traditional way: store and manage process instances in a relational database.
  - What is the appropriate form of process instances?
Problems and Difficulties for Engine-based WfMS in the Cloud (Cont'd)
Cross-Enterprise
- Only possible once the security and scalability problems are solved.
- The process instances should guarantee nonrepudiation; an SLA seems not enough.
Other
- Secured process instance migration, with user-controlled migration.
- Process instance replication in different clouds, with user-controlled replication.
Our Solution: DRA4WfMS (Document Routing Architecture for WfMS)
- Engine-less WfMS
  - Supports a purely distributed operational model without needing a workflow engine to act as a trusted centralized point of coordination.
  - XML-based document-routing system.
- Security framework
  - Implements the main required security features: authentication, confidentiality, data integrity, and nonrepudiation.
  - Applies element-wise encryption and a cascade-based method to embed digital signatures.
- Dynamic security policy
  - Manages and controls data accesses according to the dynamic behavior of workflow processes.
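Element-wise encryption, as the slides use the term, means each sensitive element of the routed document is encrypted separately for the participant who is allowed to read it, so the document can travel through agents and cloud storage that see only the elements meant for them. The following is an added illustration in Go, not code from the DRA4WfMS Java API; the slides do not name a cipher or a key-distribution scheme, so the example assumes AES-256-GCM with a pre-shared key per participant (standing in for what KeyDefinitions would carry), and the SealedElement layout and the SealElement/OpenElement/DemoElementWise names are hypothetical. The element Id and the reader's name are bound into the authentication tag as associated data, so a ciphertext copied under another element Id, or decrypted with another participant's key, is rejected rather than silently producing garbage.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"errors"
	"fmt"
	"io"
)

// SealedElement is one element of a DRA4WfMS document whose body is encrypted
// for a single intended reader (hypothetical layout, not the project's).
type SealedElement struct {
	ID         string // element Id as in the document, e.g. "CER:A1:1"
	Reader     string // participant allowed to read the body
	Nonce      []byte
	Ciphertext []byte // AES-GCM output, tag included
}

// aadFor binds a ciphertext to its position (element Id) and its reader, so a
// ciphertext moved to another element or relabelled for another reader fails
// the GCM tag check instead of decrypting.
func aadFor(id, reader string) []byte {
	return []byte(id + "\x00" + reader)
}

// SealElement encrypts body for reader under the reader's 256-bit key.
func SealElement(id, reader string, key, body []byte) (SealedElement, error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return SealedElement{}, err
	}
	gcm, err := cipher.NewGCM(block)
	if err != nil {
		return SealedElement{}, err
	}
	nonce := make([]byte, gcm.NonceSize())
	if _, err := io.ReadFull(rand.Reader, nonce); err != nil {
		return SealedElement{}, err
	}
	ct := gcm.Seal(nil, nonce, body, aadFor(id, reader))
	return SealedElement{ID: id, Reader: reader, Nonce: nonce, Ciphertext: ct}, nil
}

// OpenElement decrypts e with key; a wrong key, Id or reader label yields an
// error, never a wrong plaintext.
func OpenElement(e SealedElement, key []byte) ([]byte, error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	gcm, err := cipher.NewGCM(block)
	if err != nil {
		return nil, err
	}
	if len(e.Nonce) != gcm.NonceSize() {
		return nil, errors.New("bad nonce length")
	}
	return gcm.Open(nil, e.Nonce, e.Ciphertext, aadFor(e.ID, e.Reader))
}

// newKey returns a fresh random 256-bit key; it stands in for the per-participant
// key material a real deployment would distribute (assumption, not from the slides).
func newKey() ([]byte, error) {
	k := make([]byte, 32)
	_, err := io.ReadFull(rand.Reader, k)
	return k, err
}

// DemoElementWise seals two constructed execution results, one readable by A2
// and one by A3, and reports whether A2 can read its own element, whether A2
// is denied A3's element, and whether a relabelled element is denied.
func DemoElementWise() (ownOK, crossDenied, relabelDenied bool, err error) {
	keyA2, err := newKey()
	if err != nil {
		return
	}
	keyA3, err := newKey()
	if err != nil {
		return
	}
	forA2, err := SealElement("CER:A1:1", "A2", keyA2, []byte("A1 result: approved"))
	if err != nil {
		return
	}
	forA3, err := SealElement("CER:A1:2", "A3", keyA3, []byte("A1 result: attachment list"))
	if err != nil {
		return
	}
	body, e1 := OpenElement(forA2, keyA2)
	ownOK = e1 == nil && string(body) == "A1 result: approved"

	_, e2 := OpenElement(forA3, keyA2) // wrong key: GCM tag check fails
	crossDenied = e2 != nil

	moved := forA2
	moved.ID = "CER:A1:2" // ciphertext copied under another element Id
	_, e3 := OpenElement(moved, keyA2)
	relabelDenied = e3 != nil
	return
}

func main() {
	own, cross, relabel, err := DemoElementWise()
	fmt.Println("own element readable:", own, "| other's denied:", cross, "| relabelled denied:", relabel, err)
}
```

The design point is that confidentiality alone (a readable element) is not enough for a routed document: without the Id in the associated data, an intermediary holding a valid element could splice it into a different activity's slot and it would still decrypt for the same reader.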
Operational Models of DRA4WfMS
- Basic operational model: supports only authentication, confidentiality, data integrity, and nonrepudiation.
- Advanced operational model: also supports workflow monitoring.
Basic operational model of the DRA4WfMS
[Figure: the secured initial DRA4WfMS document (X_A1) is routed from Start through the Activity Execution Agents (AEAs) of activities A1, A2 and A3 to End, over synchronous communication. The workflow definition carries the digital signature embedded by the workflow designer; each AEA appends the execution result of its activity together with the digital signature embedded by the workflow participant, producing the successive documents shown as X_A1, X_A2, X_A3 with primes.]
Advanced operational model of the DRA4WfMS
[Figure: as in the basic model, but after each AEA embeds the participant's signature (1), the document is sent to the TFC Server (Timestamp and Flow-Control Server), which embeds a time stamp (2) before the document is routed to the next activity; the time-stamped documents are shown as X_A1 and X_A2 with a superscript, continuing for the remaining activities.]
Architecture and XML-based syntax of a DRA4WfMS document
- Header section: unique process id
- Application definition section
  - Workflow definition section
  - Security definition section
  - A digital signature
- Activity execution result section
<?xml version="1.0"?>
<DRA4WfMS:DRA4WfMS xmlns:DRA4WfMS="http://www.DRA4WfMS.org/2010">
  <UID Id="X1"/>
  <APDefinition Id="X2">
    <!--Workflow Definition section-->
    <WorkflowDefinition>
      <Participants>...</Participants>
      <Activities>...</Activities>
      <Transitions>...</Transitions>
    </WorkflowDefinition>
    <!--Security definition section-->
    <SecurityDefinition>
      <SignatureKeyIssuer C=".." S=".." L=".." O=".." OU=".." CN=".."/>
      <KeyDefinitions>...</KeyDefinitions>
      <AlgorithmDefinitions>...</AlgorithmDefinitions>
      <EncryptionDefinitions>...</EncryptionDefinitions>
    </SecurityDefinition>
    <Signature Id="Y"> ... </Signature>
  </APDefinition>
  <!--Activity execution result section-->
  <CERs>
    <CER Id="CER:Aid:Index"> ... </CER>
    ...
  </CERs>
</DRA4WfMS:DRA4WfMS>
Process instance of DRA4WfMS
- Each process instance contains the execution results of the previously executed activities.
- Guarantees nonrepudiation.
- Element-wise encryption.
- Self-protected, without requiring an access-control server.
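The cascade-based embedding of digital signatures described in the operational models above, and the nonrepudiation guarantee of the process instance, can be shown with a small model of the document as a chain of signed links. This is an added example in Go, not code from the DRA4WfMS Java API: it assumes ECDSA over P-256 (the slides do not name the signature algorithm), and the Link/Document types, the linkDigest layout and the DemoCascade scenario are hypothetical. Each link's signature covers the link's content and the previous link's signature, so a later participant's signature vouches for everything that came before it; the TFC server's time stamp of the advanced model appears as a further signed link. The scenario verifies an intact document, then shows that altering A1's result and cutting A1's result out of the chain are both detected.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/sha256"
	"encoding/binary"
	"fmt"
)

// Link is one step of the cascade: the content embedded at that step (workflow
// definition, an activity's execution result, or a TFC time stamp) and a
// signature over that content plus the previous link's signature.
type Link struct {
	Signer  string // "designer", an activity Id such as "A1", or "TFC"
	Content string
	Sig     []byte // ASN.1 ECDSA signature
}

// Document is a DRA4WfMS process instance reduced to its UID and its links.
type Document struct {
	UID   string
	Links []Link
}

// linkDigest hashes (uid, previous signature, signer, content), each with a
// length prefix so that field boundaries cannot be confused.
func linkDigest(uid string, prevSig []byte, signer, content string) []byte {
	h := sha256.New()
	for _, f := range [][]byte{[]byte(uid), prevSig, []byte(signer), []byte(content)} {
		var n [4]byte
		binary.BigEndian.PutUint32(n[:], uint32(len(f)))
		h.Write(n[:])
		h.Write(f)
	}
	return h.Sum(nil)
}

// Append embeds content signed by signer, chaining the signature to the last link.
func (d *Document) Append(signer, content string, key *ecdsa.PrivateKey) error {
	var prev []byte
	if n := len(d.Links); n > 0 {
		prev = d.Links[n-1].Sig
	}
	sig, err := ecdsa.SignASN1(rand.Reader, key, linkDigest(d.UID, prev, signer, content))
	if err != nil {
		return err
	}
	d.Links = append(d.Links, Link{Signer: signer, Content: content, Sig: sig})
	return nil
}

// Verify walks the cascade from the designer's link onward; altering, removing
// or reordering an earlier link invalidates every later signature.
func (d *Document) Verify(pubs map[string]*ecdsa.PublicKey) error {
	var prev []byte
	for i, l := range d.Links {
		pub, ok := pubs[l.Signer]
		if !ok {
			return fmt.Errorf("link %d: unknown signer %q", i, l.Signer)
		}
		if !ecdsa.VerifyASN1(pub, linkDigest(d.UID, prev, l.Signer, l.Content), l.Sig) {
			return fmt.Errorf("link %d: signature by %s does not verify", i, l.Signer)
		}
		prev = l.Sig
	}
	return nil
}

// DemoCascade runs a constructed two-activity instance of the advanced model and
// reports (intact verifies, altered result detected, removed link detected).
func DemoCascade() (intactOK, tamperCaught, dropCaught bool, err error) {
	keys := map[string]*ecdsa.PrivateKey{}
	pubs := map[string]*ecdsa.PublicKey{}
	for _, who := range []string{"designer", "A1", "A2", "TFC"} {
		k, e := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
		if e != nil {
			return false, false, false, e
		}
		keys[who], pubs[who] = k, &k.PublicKey
	}
	doc := &Document{UID: "X1"} // UID Id="X1" as in the document skeleton
	for _, s := range []struct{ signer, content string }{
		{"designer", "workflow definition: A1 -> A2"},
		{"A1", "CER:A1:1 approved"},
		{"TFC", "timestamp 2015-01-15T00:00:00Z after A1"}, // constructed value
		{"A2", "CER:A2:1 archived"},
		{"TFC", "timestamp 2015-01-15T00:05:00Z after A2"},
	} {
		if err = doc.Append(s.signer, s.content, keys[s.signer]); err != nil {
			return
		}
	}
	intactOK = doc.Verify(pubs) == nil

	altered := *doc // a later party rewrites A1's result: A1's signature breaks
	altered.Links = append([]Link(nil), doc.Links...)
	altered.Links[1].Content = "CER:A1:1 rejected"
	tamperCaught = altered.Verify(pubs) != nil

	dropped := *doc // A1's result and its time stamp are cut out: A2's link breaks
	dropped.Links = append(append([]Link(nil), doc.Links[0]), doc.Links[3:]...)
	dropCaught = dropped.Verify(pubs) != nil
	return intactOK, tamperCaught, dropCaught, nil
}

func main() {
	fmt.Println(DemoCascade())
}
```

Verification needs only the participants' public keys and the document itself, which is what lets the instance be self-protected without a workflow engine or an access-control server; the first failing link also tells the verifier which participant's step was tampered with or removed.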
Applying DRA4WfMS in a Cloud computing environment
[Figure: the DRA4WfMS cloud system consists of portal servers in front of a pool of DRA4WfMS documents. In steps (1) to (6), the AEA of A1 downloads the document from the portal servers, returns the result document, which is stored in the pool of DRA4WfMS documents, and the AEA of A2 continues from there.]
Implementation
- DRA4WfMS API
  - Implemented in the Java programming language.
  - Ready for download: http://www.csie.ntnu.edu.tw/~ghhwang/DRA4WfMS/DRA4WfMS_EXAMPLES.zip
- DRA4WfMS cloud system in the HBase database of Apache Hadoop
  - Stores process instances in HBase.
  - Provides the following operations:
    - Search DRA4WfMS documents
    - Retrieve a DRA4WfMS document
    - Store a DRA4WfMS document
    - Notify the subsequent participants
    - Perform workflow monitoring or statistical analyses
Two workflow processes for conducting experiments
[Figure: processes (A) and (B) each start from an initial document and contain activities A, B1, B2, C and D, with an AND-split and an AND-join around B1 and B2 and the conditions "Accept" and "Attachment is insufficient." on the outgoing edges. Legend: start of workflow, end of workflow, activity, connection edge, condition, TFC Server.]
Result parameters for the workflows shown in Fig. A and Fig. B
[The result tables are not recoverable from the extracted text; their legend lists the measured parameters:]
- Time required to decrypt and verify signatures in the AEA and TFC server (in seconds)
- Time required to encrypt and embed signatures in the AEA (in seconds)
- Time required to encrypt and embed signatures in the TFC server (in seconds)
- Size of the generated file (in bytes)
Conclusion
- We propose a secured WfMS for the cloud computing environment.
- Document Routing Architecture for WfMS (DRA4WfMS)
  - Does not require a workflow engine to control the execution of activities.
  - Avoids the security problems that may arise in engine-based distributed WfMSs.
- Element-wise encryption and the cascade-based method of embedding digital signatures
  - Make the DRA4WfMS document self-protected without requiring an access-control server.
  - Security requirements such as authentication, confidentiality, data integrity, and nonrepudiation do not need to rely on service-level agreements between users and cloud service providers.
- Different enterprises or organizations can simultaneously use a single DRA4WfMS cloud system.
- Easy to implement a cross-enterprise WfMS in the DRA4WfMS cloud system.
THANK YOU!