Skip to main content
SpringerLink
Log in
Book cover

International Conference on Security, Privacy and Anonymity in Computation, Communication and Storage

SpaCCS 2016: Security, Privacy, and Anonymity in Computation, Communication, and Storage pp 358–373Cite as

Service-Oriented Workflow Executability from a Security Perspective

  • Conference paper
  • First Online:

  • 1356 Accesses

Part of the book series: Lecture Notes in Computer Science ((LNSC,volume 10066))

Abstract

Scientific workflows are composed of different services to support scientific experiments. Often such services are provided by different organizations that can have their own autonomous access control policies. Workflows are often shared and repurposed with the same and/or different datasets to repeat scientific experiments, therefore, different users can require different privileges to access different services to execute (enact) a given workflow. It can be the case that a given user may not have sufficient privileges to access some of the services of the workflow. As such, it needs to be ascertained whether a user (or enactment engine acting on behalf of a user) with a given set of security credentials should be allowed to enact a workflow and whether this will lead to runtime failure of the workflow. Ideally it should be determined a priori whether a path exists from the root node of the workflow graph to the leaf node, i.e. that it is possible for the workflow to be fully executable or partially executable on the basis of the available credentials of the user. This paper presents an algorithm and its realization that exploits existing workflow patterns to determine the structural path of the workflow whilst checking the availability of credentials at different service points in the workflow path.

This is a preview of subscription content, log in via an institution.

Chapter
USD   29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD   39.99
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD   54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Learn about institutional subscriptions

References

  1. Bowers, S., Ludascher, B., Ngu, A.H.H., Critchlow, T.: Enabling scientific workflow reuse through structured composition of dataflow and control-flow. In: Proceedings of 22nd International Conference on Data Engineering Workshops, 2006, pp. 70–70 (2006)

    Google Scholar 

  2. Van Der Aalst, W.M.P., Ter Hofstede, A.H.M., Kiepuszewski, B., Barros, A.P.: Workflow patterns. Distrib. Parallel Databases 14(1), 5–511 (2003)

    Article  Google Scholar 

  3. Ter Hofstede, A.H.M., Van Der Aalst, W.M.: YAWL: yet another workflow language. Inf. Syst. 30(4), 245–275 (2005)

    Article  Google Scholar 

  4. Jordan, D., Evdemon, J., Alves, A., Arkin, A., Askary, S., Barreto, C., Bloch, B., et al.: Web services business process execution language version 2.0, OASIS Standard 11 (2007)

    Google Scholar 

  5. Fahringer, T., et al.: Askalon: a development and grid computing environment for scientific workflows. In: Taylor, I.J., Deelman, E., Gannon, D.B., Shields, M. (eds.) Workflows for e-Science, pp. 450–471. Springer, London (2007)

    Chapter  Google Scholar 

  6. Taylor, I.J., Deelman, E., Gannon, D.B.: Workflows for e-Science: scientific workflows for grids (2006)

    Google Scholar 

  7. Johnson, D.B.: A note on Dijkstra’s shortest path algorithm. J. ACM (JACM) 20(3), 385–388 (1973)

    Article  MATH  Google Scholar 

  8. Goldberg, A.V., Harrelson, C.: Computing the shortest path: a search meets graph theory. In: Proceedings of the Sixteenth Annual ACM-SIAM Symposium on Discrete Algorithms, pp. 156–165 (2005)

    Google Scholar 

  9. Xu, M., Cui, L., Wang, H., Bi, Y., Bian, J.: A data-intensive workflow scheduling algorithm for grid computing. In: ChinaGrid Annual Conference, 2009, ChinaGrid 2009, pp. 110–115 (2009)

    Google Scholar 

  10. Ludäscher, B., Lin, K., Bowers, S., Jaeger-Frank, E., Brodaric, B., Baru, C.: Managing scientific data: from data integration to scientific workflows. Geoinform. Data Knowl. 109 (2006)

    Google Scholar 

  11. Migliorini, S., Gambini, M., La Rosa, M., Ter Hofstede, A.H.M.: Pattern-based evaluation of scientific workflow management systems (2011)

    Google Scholar 

  12. Sadiq, W., Orlowska, M.E.: Applying graph reduction techniques for identifying structural conflicts in process models. In: Jarke, M., Oberweis, A. (eds.) CAiSE 1999. LNCS, vol. 1626, pp. 195–209. Springer, Heidelberg (1999). doi:10.1007/3-540-48738-7_15

    Chapter  Google Scholar 

  13. Sadiq, W., Orlowska, M.E.: Analyzing process models using graph reduction techniques. Inf. Syst. 25(2), 117–134 (2000)

    Article  Google Scholar 

  14. Eder, J., Gruber, W., Pichler, H.: Transforming workflow graphs. In: Proceedings of the First International Conference on Interoperability of Enterprise Software and Applications (INTEROP-ESA 2005) (2005)

    Google Scholar 

  15. Vanhatalo, J., Völzer, H., Leymann, F., Moser, S.: Automatic workflow graph refactoring and completion. In: Bouguettaya, A., Krueger, I., Margaria, T. (eds.) ICSOC 2008. LNCS, vol. 5364, pp. 100–115. Springer, Heidelberg (2008). doi:10.1007/978-3-540-89652-4_11

    Chapter  Google Scholar 

  16. Chang, D.-H., Son, J.H., Kim, M.H.: Critical path identification in the context of a workflow. Inf. Softw. Technol. 44(7), 405–417 (2002)

    Article  Google Scholar 

  17. Altunay, M., Brown, D., Byrd, G., Dean, R.: Trust-based secure workflow path construction. In: Benatallah, B., Casati, F., Traverso, P. (eds.) ICSOC 2005. LNCS, vol. 3826, pp. 382–395. Springer, Heidelberg (2005). doi:10.1007/11596141_29

    Chapter  Google Scholar 

  18. Wimmer, M., Albutiu, M.-C., Kemper, A.: Optimized workflow authorization in service oriented architectures. In: Müller, G. (ed.) ETRICS 2006. LNCS, vol. 3995, pp. 30–44. Springer, Heidelberg (2006). doi:10.1007/11766155_3

    Chapter  Google Scholar 

  19. Wong, P.Y.H., Gibbons, J.: A process-algebraic approach to workflow specification and refinement. In: Lumpe, M., Vanderperren, W. (eds.) SC 2007. LNCS, vol. 4829, pp. 51–65. Springer, Heidelberg (2007). doi:10.1007/978-3-540-77351-1_5

    Chapter  Google Scholar 

  20. Li, P., Castrillo, J.I., Velarde, G., Wassink, I., Soiland-Reyes, S., Owen, S., Withers, D., et al.: Performing statistical analyses on quantitative data in Taverna workflows: an example using R and maxdBrowse to identify differentially-expressed genes from microarray data. BMC Bioinformatics 9(1), 334 (2008)

    Article  Google Scholar 

  21. Tan, K.L.L., Turner, K.J.: Orchestrating grid services using BPEL and Globus Toolkit 4. In: 7th PGNet Symposium (2006)

    Google Scholar 

  22. Dornemann, T., Smith, M., Freisleben, B.: Composition and execution of secure workflows in wsrf-grids. In: 8th IEEE International Symposium on Cluster Computing and the Grid, 2008, CCGRID 2008, pp. 122–129 (2008)

    Google Scholar 

  23. Sinnott, R.O., Hussain, S.: Security-oriented workflows for the social sciences. In: 2010 4th International Conference on Network and System Security (NSS), pp. 152–159 (2010)

    Google Scholar 

  24. Sinnott, R.O., Hussain, S.: Architectural design patterns for security-oriented workflows in the social science domain. In: Conference on e-Social Science, Cologne, Germany, 24–26 June 2009 (2009)

    Google Scholar 

  25. Hussain, S., Sinnott, R.O., Poet, R.: A security-oriented workflow framework for collaborative environments. In: IEEE 15th International Conference on Trust, Security and Privacy in Computing and Communications (TrustCom), 2016 (2016, in press)

    Google Scholar 

  26. Hussain, S., Sinnott, R.O., Poet, R.: Security-enabled enactment of decentralized workflows. In: ACM 9th International Conference on Security of Information and Networks, 2016 (2016)

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. School of Computing Science, University of Glasgow, Glasgow, G12 8QQ, UK

    Sardar Hussain & Ron Poet

  2. Department of Computing and Information Systems, University of Melbourne, Melbourne, 3010, Australia

    Richard O. Sinnott

Authors
  1. Sardar Hussain
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Richard O. Sinnott
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Ron Poet
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Sardar Hussain .

Editor information

Editors and Affiliations

  1. Guangzhou University, Guangzhou, China

    Guojun Wang

  2. Department of Computer Science, Colorado State University, Fort Collins, Colorado, USA

    Indrakshi Ray

  3. University of the West of Scotland, Paisley, Glasgow, United Kingdom

    Jose M. Alcaraz Calero

  4. Indian Institute of Information Technology and Management, Kerala (IIITMK), Trivandrum, Kerala, India

    Sabu M. Thampi

Rights and permissions

Reprints and permissions

Copyright information

© 2016 Springer International Publishing AG

About this paper

Cite this paper

Hussain, S., Sinnott, R.O., Poet, R. (2016). Service-Oriented Workflow Executability from a Security Perspective. In: Wang, G., Ray, I., Alcaraz Calero, J., Thampi, S. (eds) Security, Privacy, and Anonymity in Computation, Communication, and Storage. SpaCCS 2016. Lecture Notes in Computer Science(), vol 10066. Springer, Cham. https://doi.org/10.1007/978-3-319-49148-6_30

Download citation

  • DOI: https://doi.org/10.1007/978-3-319-49148-6_30

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-319-49147-9

  • Online ISBN: 978-3-319-49148-6

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation