Explication of Termination Semantics as a Security-Relevant Feature in Business Process Modeling Languages

Gulden, Jens

doi:10.1007/978-3-319-06257-0_38

Jens Gulden⁹

Part of the book series: Lecture Notes in Business Information Processing ((LNBIP,volume 171))

Included in the following conference series:

International Conference on Business Process Management

1549 Accesses

Abstract

Some business process modeling languages offer explicit constructs for expressing time-out conditions and other termination semantics with regard to process execution. However, the use of these language elements is usually optional, and most languages allow to model business processes without any time-outs or other termination conditions at all. This leads to an underspecification of execution semantics with negative impact on execution safety and security, because it remains open how processes will behave, if some of the involved process steps terminate other than expected, or do not terminate at all. The work presented in this article motivates the obligatory use of termination semantics in business process models and newly created business process modeling languages, especially in domain-specific process modeling languages.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution

Chapter: USD 29.95; Price excludes VAT (USA)

eBook: USD 39.99; Price excludes VAT (USA)

Softcover Book: USD 54.99; Price excludes VAT (USA)

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Notes

1.
The work presented in this section has flown into the project ReSCUeIT, funded by the German Federal Ministry of Education and Research (Bundesministerium für Bildung und Forschung, BMBF) under support code no. 13N10963 – 13N10968.

References

Fahland, D., Favre, C., Koehler, J., Lohmann, N., Völzer, H., Wolf, K.: Analysis on demand: instantaneous soundness checking of industrial business process models. Data Knowl. Eng. 70(5), 448–466 (2011)
Article Google Scholar
Friedenstab, J.-P., Janiesch, C., Matzner, M., Müller, O.: Extending BPMN for business activity monitoring. In: Proceedings of the 45th Hawai’i International Conference on System Sciences (HICSS), Maui, HI, pp. 1–10 (2012)
Google Scholar
Gruhn, V., Laue, R.: Complexity metrics for business process models. In: 9th International Conference on Business Information Systems (BIS 2006). LNI, vol. 85, pp. 1–12 (2006)
Google Scholar
Business Process Management Initiative. Business process modeling notation 2.0 (BPMN 2.0) (2011)
Google Scholar
Kelly, S., Tolvanen, J.-P.: Domain Specific Modeling: Enabling Full Code-Generation. Wiley, New York (2008)
Book Google Scholar
Mendling, J., Lassen, K.B., Zdun, U.: On the transformation of control flow between block-oriented and graph-oriented process modeling languages. Int. J. Bus. Process Integr. Manage. (IJBPIM). Special Issue on Model-Driven Engineering of Executable Business Process Models 3(2), 96–108 (2008)
Google Scholar
Monakova, G., Schaad, A.: Visualizing security in business processes. In: SACMAT ’11 Proceedings of the 16th ACM Symposium on Access Control Models and Technologies, pp. 147–148. ACM, New York (2011)
Google Scholar
OASIS Web Services Business Process Execution Language (WSBPEL) Technical Committee. Web services business process execution language version 2.0. http://docs.oasis-open.org/wsbpel/2.0/OS/wsbpel-v2.0-OS.html (2007)
Pretschner, A., Hilty, M., Basin, D.: Distributed usage control. Commun. ACM - Priv. Secur. Highly Dyn. Syst. 49, 39–44 (2006)
Google Scholar
Schefer, S., Strembeck, M., Mendling, J., Baumgrass, A.: Detecting and resolving conflicts of mutual-exclusion and binding constraints in a business process context. In: 19th International Conference on Cooperative Information Systems (CoopIS 2011), Crete, Greece (2011)
Google Scholar
Simon, C., Mendling, J.: Verification of forbidden behavior in EPCS. In: Mayr, H.C., Brey, R. (eds) Modellierung 2006. LNI, vol. P-82, pp. 233–242 (2006)
Google Scholar
van der Aalst, W.M.P., Ter Hofstede, A.H.M., Kiepuszewski, B., Barros, A.P.: Workflow patterns. Distrib. Parallel Databases 3(14), 5–51 (2003)
Article Google Scholar
van Dongen, B.F., Mendling, J., van der Aalst, W.M.P.: Structural patterns for soundness of business process models. In: Proceedings of the Tenth IEEE International Enterprise Computing Conference (EDOC 2006), Hong Kong, China, pp. 116–128. IEEE Computer Society, Washington, D.C., 16–20 Oct. 2006
Google Scholar
Weber, I., Hoffmann, J., Mendling, J.: Beyond soundness: on the verification of semantic business process models. Distrib. Parallel Databases (DAPD) 27(3), 271–343 (2008)
Article Google Scholar

Download references

Author information

Authors and Affiliations

IT Security Management, University of Siegen, Hölderlinstr. 3, 57068, Siegen, Germany
Jens Gulden

Authors

Jens Gulden
View author publications
You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Jens Gulden .

Editor information

Editors and Affiliations

University of Rostock, Rostock, Germany
Niels Lohmann
Ulsan National Institute of Science and Technology, Ulsan, Korea, Republic of (South Korea)
Minseok Song
Stockholm University, Stockholm, Sweden
Petia Wohed

Rights and permissions

Reprints and permissions

Copyright information

About this paper

Cite this paper

Gulden, J. (2014). Explication of Termination Semantics as a Security-Relevant Feature in Business Process Modeling Languages. In: Lohmann, N., Song, M., Wohed, P. (eds) Business Process Management Workshops. BPM 2013. Lecture Notes in Business Information Processing, vol 171. Springer, Cham. https://doi.org/10.1007/978-3-319-06257-0_38

Download citation

DOI: https://doi.org/10.1007/978-3-319-06257-0_38
Published: 10 May 2014
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-06256-3
Online ISBN: 978-3-319-06257-0
eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics