Name
Title | ||
|---|---|---|
Adapting Workflows Using Generic Schemas: Application to the Security of Business Processes |
Abstract | ||
|---|---|---|
Existing approaches to the adaptation of workflows over web services fall short in two respects. First, they only provide, if ever, limited means for taking into account the execution history of a workflow. Second, they do not support adaptations that require modifications not only at the service composition level but also at the levels of interceptors and service implementations. This is particular problematic for the enforcement of security properties over workflows: enforcing authorization properties, for instance, frequently requires execution contexts to be defined and modifications to be applied at all these abstraction levels of web services. We present two main contributions in this context. First, we introduce workflow adaptation schemas (WAS), a new notion of generic protocol-based workflow adapters. WAS enable the declarative definition of adaptations involving complex service compositions and implementations. Second, we present two real-world security issues related to the use of OAuth 2.0, a recent and widely used framework for the authorization of resource accesses. As we motivate, these security issues require history-based adaptations over different abstraction levels of services. We then show how to resolve these issues using WAS. |
Year | DOI | Venue |
|---|---|---|
2013 | 10.1109/CloudCom.2013.75 | CloudCom |
Keywords | Field | DocType |
Web services,authorisation,business data processing,OAuth 2.0,WAS,Web services,authorization properties,business process security,complex service compositions,complex service implementations,execution contexts,generic protocol-based workflow adapters,generic schemas,history-based adaptations,interceptor levels,real-world security issues,resource access authorization,security property enforcement,service abstraction levels,service composition level,workflow adaptation schemas,workflow execution history | World Wide Web,Abstraction,Software engineering,Business process,Computer science,Implementation,Enforcement,Web service,Workflow management system,Workflow,Cloud computing,Distributed computing | Conference |
Volume | ISSN | Citations |
1 | 2330-2194 | 0 |
PageRank | References | Authors |
0.34 | 9 | 3 |
Name | Order | Citations | PageRank |
|---|---|---|---|
| Ronan-Alexandre Cherrueau | 1 | 2 | 1.75 |
| Mario Südholt | 2 | 625 | 54.39 |
| Omar Chebaro | 3 | 62 | 4.82 |