On the Modeling and Verification of Security-Aware and Process-Aware Information Systems
Many business processes are modeled as workflows, which often need to comply with business rules, legal requirements, and authorization policies. Workflow satisfiability is the problem of determining whether there exists a workflow instance that realizes the workflow specification while simultaneously complying with such constraints. Although this problem has been studied by the computer security community in the past, existing solutions are tailored for particular workflow models, so their applicability to other models or richer forms of analysis is questionable. We here investigate whether the satisfiability of formulas in an NP-complete fragment of linear-time temporal logic can serve as a more expressive and versatile tool for deciding the satisfiability of workflows. We also show that this fragment can solve this problem for a standard model from the literature.
KeywordsModel Check Temporal Logic Authorized User Atomic Proposition Execution Model
Unable to display preview. Download preview PDF.
- 2.Crampton, J.: A reference monitor for workflow systems with constrained task execution. In: Proceedings of the 10th ACM Symposium on Access Control Models and Technologies, pp. 38–47 (2005)Google Scholar
- 6.van der Aalst, W.M.P., Pesic, M., Schonenberg, H.: Declarative workflows: Balancing between flexibility and support. Computer Science - R&D 23(2), 99–113 (2009)Google Scholar
- 8.Warner, J., Atluri, V.: Inter-instance authorization constraints for secure workflow management. In: Proceedings of the 11th ACM Symposium on Access Control Models and Technologies, pp. 190–199 (2006)Google Scholar
- 9.Russell, N.C.: Foundations of Process-Aware Information Systems. PhD thesis, Faculty of Information Technology, Queensland University of Technology (December 2007)Google Scholar