Skip to main content
SpringerLink
Log in

Recovering from Malicious Attacks in Workflow Systems

  • Conference paper
Database and Expert Systems Applications (DEXA 2005)

Part of the book series: Lecture Notes in Computer Science ((LNISA,volume 3588))

Included in the following conference series:

Abstract

Workflow management systems (WFMS) coordinate execution of logically related multiple tasks in an organization. Such coordination is achieved through dependencies that are specified between the tasks of a workflow. Often times preventive measures are not enough and a workflow may be subjected to malicious attacks. Traditional workflow recovery mechanisms do not address how to recover from malicious attacks. Database survivability techniques do not work for workflow because tasks in a workflow have dependencies that are not present in traditional transaction processing systems. In this paper, we present an algorithm that shows how we can assess and repair the effects of damage caused by malicious tasks. Our algorithm focuses not only on restoring the consistency of data items by removing the effects of malicious tasks but also takes appropriate actions to ensure the satisfaction of task dependencies among all the committed tasks.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 84.99
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 109.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. Ammann, P., Jajodia, S., Liu, P.: Recovery from malicious transactions. IEEE Trans. on Knowledge and Data Engineering 14, 1167–1185 (2002)

    Article  Google Scholar 

  2. Bernstein, P.A., Hadzilacos, V., Goodman, N.: Concurrency Control and Recovery in Database Systems. Addison-Wesley, Reading (1987)

    Google Scholar 

  3. Chrysanthis, P.: ACTA, A framework for modeling and reasoning aout extended transactions. PhD thesis, University of Massachusetts, Amherst, Massachusetts (1991)

    Google Scholar 

  4. Eder, J., Liebhart, W.: Workflow Recovery. In: Proceeding of Conference on Cooperative Information Systems, pp. 124–134 (1996)

    Google Scholar 

  5. Gore, M.M., Ghosh, R.K.: Recovery in Distributed Extended Long-lived Transaction Models. In: Proceedings of the 6th International Conference DataBase Systems for Advanced Applications, April 1999, pp. 313–320 (1999)

    Google Scholar 

  6. Kiepuszewski, B., Muhlberger, R., Orlowska, M.: Flowback: Providing backward recovery for workflow systems. In: Proceeding of the ACM SIGMOD International Conference on Management of Data, pp. 555–557 (1998)

    Google Scholar 

  7. Lala, C., Panda, B.: Evaluating damage from cyber attacks. IEEE Transactions on Systems, Man and Cybernetics 31(4), 300–310 (2001)

    Article  Google Scholar 

  8. Yu, M., Liu, P., Zang, W.: Multi-Version Attack Recovery for Workflow Systems. In: 19th Annual Computer Security Applications Conference, December 2003, pp. 142–151 (2003)

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Department of Computer Science, Colorado State University,  

    Yajie Zhu, Tai Xin & Indrakshi Ray

Authors
  1. Yajie Zhu
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Tai Xin
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Indrakshi Ray
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. Copenhagen Business School, Centre for Applied ICT, 60 Howitzvej, 2000, Frederiksberg, DK

    Kim Viborg Andersen

  2. University Of Technology Sydney, NSW 2007, Australia

    John Debenham

  3. University of Linz, Altenbergerstraße 69, 4040, Linz, Austria

    Roland Wagner

Rights and permissions

Reprints and permissions

Copyright information

© 2005 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Zhu, Y., Xin, T., Ray, I. (2005). Recovering from Malicious Attacks in Workflow Systems. In: Andersen, K.V., Debenham, J., Wagner, R. (eds) Database and Expert Systems Applications. DEXA 2005. Lecture Notes in Computer Science, vol 3588. Springer, Berlin, Heidelberg. https://doi.org/10.1007/11546924_2

Download citation

  • DOI: https://doi.org/10.1007/11546924_2

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-540-28566-3

  • Online ISBN: 978-3-540-31729-6

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation