Advertisement

Cryptographic Approch for Workflow Systems

  • Yasuo Hatano
  • Kunihiko Miyazaki
  • Toshinobu Kaneko
Conference paper
Part of the IFIP – The International Federation for Information Processing book series (IFIPAICT, volume 286)

Abstract

This paper proposes encryption schemes to enforce the order of the procedure in a workflow system. In workflow systems, it is important to perform a procedure according to an order that is given by some regulation. In addition, it is desired that each reviewer checks a necessary part of a document to admit the application because the document sometime contains privacy information, e.g., name, birthday, income and so on. There is a procedure in a workflow system which it is sufficient to pass if one of two reviewers admits the document. More generally, there is a procedure in a workflow system that can be passed if k of n reviewers admit the document, which we call a “threshold procedure”. By applying a cryptographic technique, e.g., a multiple encryption and secret sharing, this paper gives a method to realize various procedures in workflow systems, i.e., controlling the order of reviewers, disclosing a part of document selectively, and a threshold procedure. Conventional workflow systems control their procedure by a server, which we consider a trusted one. This implies that an administrator might tamper a procedure. The proposed schemes help us to enforce a procedure even if he/she is not trustworthy.

Keywords

Encryption Scheme Secret Sharing Decryption Algorithm Basic Construction Credit Facility 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.

References

  1. 1.
    “The Sarbanes-Oxley Act.”, 2002.Google Scholar
  2. 2.
    Financial Services Agency, “Financial Instruments and Exchange Law”, 2006. http://www.fsa.go.jp/common/diet/164/index.html (in Japanese)
  3. 3.
    “Private Information Protection Law”, http://www.kantei.go.jp/jp/it/privacy/houseika/hourituan/ (in Japanese)
  4. 4.
  5. 5.
    M. Abe, R. Gennaro and K. Kurosawa, “Tag-KEM/DEM: A New Framework Hy-brid Encryption”, IACR Cryptology ePrint Archive: Report 2005/027, 2005. Available at http://eprint.iacr.org/2005/027
  6. 6.
    M. Bellare, A. Desai, D. Pointcheval and P. Rogaway, “Relations Among Notions of Security for Public-Key Encryption Schemes”, Advances in Cryptology - CRYPTO’98, Lecture Note in Computer Science, Vol. 1462 (LNCS 1462), pp.26-46, Springer-Verlag, 1998.Google Scholar
  7. 7.
    M. Bellare, A. Boldyreva and J. Staddon, “Multi-Recipient Encryption Schemes: Security Notions and Randomness Re-Use”, Public Key Cryptography - PKC 2003, Lecture Notes in Computer Science Vol.2567 (LNCS 2567), pp.85-99, Springer-Verlag, 2003Google Scholar
  8. 8.
    R. Cramer and V. Shoup, “Design and Analysis of Practical Public-Key Encryption Schemes Secure against Adaptive Chosen Ciphertext Attack”, SIAM Journal on Computing archive, Vol. 33 , Issue 1, Society for Industrial and Applied Mathematics Philadelphia, PA, USA, pp. 167-226, Society for Industrial and Applied Mathematics, 2004.Google Scholar
  9. 9.
    Y. Dodis and A. Ivan, “Proxy cryptography revisited”, In Proceedings of the 10th Annual Network and Distributed System Security Symposium (NDSS), February 2003.Google Scholar
  10. 10.
    Y. Hatano and K. Miyazaki, “An Encryption Method for Multiple Receivers with Different Roles”, IEICE Technical Report, ISEC2005-167, 2006. (In Japanese)Google Scholar
  11. 11.
    Y. Hatano, K. Miyazaki and Toshinobu Kaneko, “A Study on Extended Multi-Recipient En- cryption: Security Notion and Constructions”, IEICE Technical Report, ISEC2007-88, 2007. (In Japanese)Google Scholar
  12. 12.
    R. Impagliazzo and M. Luby, “One-way functions are essential for complexity based cryp- tography”, Proceedings of the 30th Symposium on Foundations of Computer Science, pp. 230-235, 1989.Google Scholar
  13. 13.
    M. G. Reed, P. F. Syverson and D. M. Goldshlag, “Anonymous Connections and Onion Rout- ing”, IEEE Journal on Special Areas in Communications, vol. 16, No. 4, pp. 482-494, 1998.CrossRefGoogle Scholar
  14. 14.
    R. Rivest, “All-Or-Nothing encryption and the package transform”, Fast Software Encryption ’97, Lecture Notes on Computer Science, vol. 1267, pp. 210-218, Springer-Verlag, 1997.CrossRefGoogle Scholar
  15. 15.
    A. Shamir, “How to share a secret”, communications of the ACM, 22(11), pp.612-613, 1979.MATHCrossRefMathSciNetGoogle Scholar
  16. 16.
    R. Zhang, G. Hanaoka, J. Shikata and Hideki Imai, “On the Security of Multiple Encryption or CCA-security+CCA-security=CCA-security”, Public Key Cryptography - PKC 2004, 7th International Workshop on Theory and Practice in Public Key Cryptography, Lecture Notes on Computer Science, vol. 2947 (LNCS 2947), pp.360-374, 2004.Google Scholar

Copyright information

© International Federation for Information Processing 2008

Authors and Affiliations

  • Yasuo Hatano
    • 1
  • Kunihiko Miyazaki
    • 1
  • Toshinobu Kaneko
    • 2
  1. 1.Systems Development LaboratoryHitachi, Ltd.Kanagawa-ken
  2. 2.Tokyo University of ScienceChiba-ken

Personalised recommendations