A Secure Workflow Model

Workflow Management Systems (WFMSs) are becoming very popular and are being used to support many of the day to day workflows in large organizations. One of the major problems with workflow management systems is that they often use heterogeneous and distributed hardware and software systems to execute a given workflow. This gives rise to decentralized security policies and mechanisms that need to be managed. Since security is an essential and integral part of workflows, the workflow management system has to manage and execute the workflows in a secure way. The prolific use of workflow management systems for critical and strategic applications gives rise to a major concern regarding the threats against integrity, authorization, and availability. In this paper, we propose an authorization model with a set of invariants for workflows from the aspects of agents, events and data, and prove that if they hold, the workflow execution is secure. Further, we develop the authorization model by a multi-layered state machine. The novel part of this model is separating the various aspects of control in a workflow and portraying it as a multi-layered architecture for analyzing the flow of authorizations.