Formal Analysis of Workflow Systems with Security Considerations

Authors

  • Weiqiang Kong
  • Kazuhiro Ogata
  • Kokichi Futatsugi
Abstract

Security considerations, such as role-based access control (RBAC) mechanism and separation of duty (SoD) constraints, are important and integral to workflow systems. We propose the use of an equation-based method – the OTS/CafeOBJ method to specify workflow systems with such security considerations, and verify some desired safety and liveness properties of workflow systems. Specifically, a workflow system, together with its security considerations, is modeled as an OTS, a kind of transition system. Then the OTS is written in CafeOBJ, an algebraic specification language. We express safety and liveness properties in CafeOBJ and verify that the OTS satisfies these properties by writing proof scores in CafeOBJ. We use a case study – formal analysis of a workflow system that deals with travel expense reimbursement, to demonstrate our method of modeling, specifying and verifying.


Similar resources

Formal Analysis of Workflow Systems with Security Considerations

Workflow systems play an essential role in today’s enterprises by providing automatic manipulation of business processes. As an integral part of workflow systems, workflow security has received extensive attention, within which role-based access control (RBAC) mechanism and separation of duty (SoD) constraints are important topics. RBAC is a natural mechanism to lighten the complexity of secur...


On the Satisfiability of Constraints in Workflow Systems

The specification and enforcement of authorization policies such as separation of duty and binding of duty in workflow systems is an important area of current research in computer security. We introduce a formal model for constrained workflow systems that incorporate constraints for implementing such policies. We define an entailment constraint, which is defined on a pair of tasks in a workflow...


Synthesizing and Verifying Plans for Constrained Workflows: Transferring Tools from Formal Methods

Many business processes are modeled as workflows and workflow management systems are used to specify and coordinate the execution of those business processes. The execution of workflows is often constrained, e.g. by business rules, legal requirements or access control. It is therefore important to know whether a workflow specification is consistent and so implementable. This question of workflo...


Modeling, Specifying and Implementing Workflow Security in Cyberspace

Workflow Management (WFM) Systems automate traditional processes where information flows between individuals. WFM systems have two major implications for security. Firstly, since the description of a workflow process explicitly states when which function is to be performed by whom, security specifications may be automatically derived from such descriptions. Secondly, the derived security specif...


Computationally secure multiple secret sharing: models, schemes, and formal security analysis

A multi-secret sharing scheme (MSS) allows a dealer to share multiple secrets among a set of participants, such that any authorized subset of participants can reconstruct the secrets. Up to now, existing MSSs either require too long shares for participants to be perfect secur...




Publication date: 2005