Skip to main content
SpringerLink
Log in

Resiliency Variance in Workflows with Choice

  • Conference paper
  • First Online:
Software Engineering for Resilient Systems (SERENE 2015)

Part of the book series: Lecture Notes in Computer Science ((LNPSE,volume 9274))

Included in the following conference series:

Abstract

Computing a user-task assignment for a workflow coming with probabilistic user availability provides a measure of completion rate or resiliency. To a workflow designer this indicates a risk of failure, especially useful for workflows which cannot be changed due to rigid security constraints. Furthermore, resiliency can help outline a mitigation strategy which states actions that can be performed to avoid workflow failures. A workflow with choice may have many different resiliency values, one for each of its execution paths. This makes understanding failure risk and mitigation requirements much more complex. We introduce resiliency variance, a new analysis metric for workflows which indicates volatility from the resiliency average. We suggest this metric can help determine the risk taken on by implementing a given workflow with choice. For instance, high average resiliency and low variance would suggest a low risk of workflow failure.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 34.99
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 44.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Notes

  1. 1.

    http://www.fin.unsw.edu.au/files/PP/Purchase_Order_Procedure.pdf.

References

  1. Workflow Management Coalition: The workflow reference model. In: Lawrence, P. (ed.) Workflow Handbook 1997, pp. 243–293. Wiley, New York (1997)

    Google Scholar 

  2. Bakkali, H.E.: Enhancing workflow systems resiliency by using delegation and priority concepts. J. Digit. Inf. Manag. 11(4), 267–276 (2013)

    MATH  Google Scholar 

  3. Basin, D., Burri, S.J., Karjoth, G.: Obstruction-free authorization enforcement: aligning security with business objectives. In: Proceedings of the 2011 IEEE 24th Computer Security Foundations Symposium, CSF 2011, pp. 99–113. IEEE Computer Society, Washington, DC (2011)

    Google Scholar 

  4. Basin, D., Burri, S.J., Karjoth, G.: Optimal workflow-aware authorizations. In: Proceedings of the 17th ACM Symposium on Access Control Models and Technologies, SACMAT 2012, pp. 93–102. ACM, New York (2012)

    Google Scholar 

  5. Basu, A., Kumar, A.: Research commentary: workflow management issues in e-business. Inf. Syst. Res. 13(1), 1–14 (2002)

    Article  Google Scholar 

  6. Bellman, R.: A Markovian decision process. Indiana Univ. Math. J. 6, 679–684 (1957)

    Article  MATH  Google Scholar 

  7. Botha, R., Eloff, J.H.P.: Separation of duties for access control enforcement in workflow environments. IBM Syst. J. 40(3), 666–682 (2001)

    Article  MATH  Google Scholar 

  8. Brunel, J., Cuppens, F., Cuppens, N., Sans, T., Bodeveix, J.-P.: Security policy compliance with violation management. In: Proceedings of the 2007 ACM Workshop on Formal Methods in Security Engineering, FMSE 2007, pp. 31–40. ACM, New York (2007)

    Google Scholar 

  9. Crampton, J., Gutin, G., Yeo, A.: On the parameterized complexity and kernelization of the workflow satisfiability problem. ACM Trans. Inf. Syst. Secur. 16(1), 4 (2013)

    Article  Google Scholar 

  10. Crampton, J., Morisset, C.: An auto-delegation mechanism for access control systems. In: Cuellar, J., Lopez, J., Barthe, G., Pretschner, A. (eds.) STM 2010. LNCS, vol. 6710, pp. 1–16. Springer, Heidelberg (2011)

    Chapter  Google Scholar 

  11. Damodaran, A.: Strategic Risk Taking: A Framework for Risk Management, 1st edn. Wharton School Publishing, Upper Saddle River (2007)

    Google Scholar 

  12. Eder, J., Liebhart, W.: Workflow recovery. In: Proceedings of the First IFCIS International Conference on Cooperative Information Systems, 1996, pp. 124–134, June 1996

    Google Scholar 

  13. Gaaloul, K., Schaad, A., Flegel, U., Charoy, F.: A secure task delegation model for workflows. In: Second International Conference on Emerging Security Information, Systems and Technologies, 2008, SECURWARE 2008, pp. 10–15, August 2008

    Google Scholar 

  14. Georgakopoulos, D., Hornick, M., Sheth, A.: An overview of workflow management: from process modeling to workflow automation infrastructure. Distrib. Parallel Databases 3(2), 119–153 (1995)

    Article  Google Scholar 

  15. Hiden, H., Woodman, S., Watson, P., Cala, J.: Developing cloud applications using the e-science central platform. Philos. Trans. R. Soc. A Math. Phys. Eng. Sci. 371(1983), 20120085 (2013)

    Article  Google Scholar 

  16. Kiepuszewski, B., ter Hofstede, A.H.M., Bussler, C.J.: On structured workflow modelling. In: Wangler, B., Bergman, L.D. (eds.) CAiSE 2000. LNCS, vol. 1789, pp. 431–445. Springer, Heidelberg (2000)

    Chapter  Google Scholar 

  17. Kohler, M., Liesegang, C., Schaad, A.: Classification model for access control constraints. In: IEEE International Performance, Computing, and Communications Conference, 2007, IPCCC 2007, pp. 410–417, April 2007

    Google Scholar 

  18. Kumar, A., van der Aalst, W.M.P., Verbeek, E.M.W.: Dynamic work distribution in workflow management systems: how to balance quality and performance. J. Manage. Inf. Syst. 18(3), 157–193 (2002)

    MATH  Google Scholar 

  19. Kwiatkowska, M., Norman, G., Parker, D.: PRISM 4.0: verification of probabilistic real-time systems. In: Gopalakrishnan, G., Qadeer, S. (eds.) CAV 2011. LNCS, vol. 6806, pp. 585–591. Springer, Heidelberg (2011)

    Chapter  Google Scholar 

  20. Mace, J.C., Morisset, C., van Moorsel, A.: Quantitative workflow resiliency. In: Kutyłowski, M., Vaidya, J. (eds.) ICAIS 2014, Part I. LNCS, vol. 8712, pp. 344–361. Springer, Heidelberg (2014)

    Google Scholar 

  21. Mace, J., Morisset, C., van Moorsel, A.: Modelling user availability in workflow resiliency analysis. In: Proceedings of the Symposium and Bootcamp on the Science of Security, HotSoS. ACM (2015)

    Google Scholar 

  22. Mace, J.C., Morisset, C., van Moorsel, A.: Impact of policy design on workflow resiliency computation time. Technical Report CS-TR-1469, School of Computing Science, Newcastle University, UK, May 2015

    Google Scholar 

  23. Marinovic, S., Craven, R., Ma, J., Dulay, N.: Rumpole: a flexible break-glass access control model. In: Proceedings of the 16th ACM Symposium on Access Control Models and Technologies, SACMAT 2011, pp. 73–82. ACM, New York (2011)

    Google Scholar 

  24. Povey, D.: Optimistic security: a new access control paradigm. In: Proceedings of the 1999 Workshop on New Security Paradigms, NSPW 1999, pp. 40–45. ACM, New York (2000)

    Google Scholar 

  25. Reichert, M., Weber, B.: Enabling Flexibility in Process-aware Information Systems: Challenges, Methods, Technologies. Springer Science & Business Media, Heidelberg (2012)

    Book  MATH  Google Scholar 

  26. Russell, N., van der Aalst, W.M.P., ter Hofstede, A.H.M.: Workflow exception patterns. In: Martinez, F.H., Pohl, K. (eds.) CAiSE 2006. LNCS, vol. 4001, pp. 288–302. Springer, Heidelberg (2006)

    Chapter  Google Scholar 

  27. van der Aalst, W.M.P., Hirnschall, A., Verbeek, H.M.W.E.: An alternative way to analyze workflow graphs. In: Pidduck, A.B., Mylopoulos, J., Woo, C.C., Ozsu, M.T. (eds.) CAiSE 2002. LNCS, vol. 2348, pp. 535–552. Springer, Heidelberg (2002)

    Chapter  Google Scholar 

  28. Wainer, J., Barthelmess, P., Kumar, A.: W-RBAC - a workflow security model incorporating controlled overriding of constraints. Int. J. Coop. Inf. Syst. 12, 2003 (2003)

    Article  Google Scholar 

  29. Wang, Q., Li, N.: Satisfiability and resiliency in workflow authorization systems. ACM Trans. Inf. Syst. Secur. 13(4), 40:1–40:35 (2010)

    Article  Google Scholar 

Download references

Author information

Authors and Affiliations

  1. School of Computing Science, Newcastle University, Newcastle upon Tyne, NE1 7RU, UK

    John C. Mace, Charles Morisset & Aad van Moorsel

Authors
  1. John C. Mace
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Charles Morisset
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Aad van Moorsel
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to John C. Mace .

Editor information

Editors and Affiliations

  1. University of Florence, Firence, Italy

    Alessandro Fantechi

  2. University of Gothenburg, Gothenburgh, Sweden

    Patrizio Pelliccione

Rights and permissions

Reprints and permissions

Copyright information

© 2015 Springer International Publishing Switzerland

About this paper

Cite this paper

Mace, J.C., Morisset, C., van Moorsel, A. (2015). Resiliency Variance in Workflows with Choice. In: Fantechi, A., Pelliccione, P. (eds) Software Engineering for Resilient Systems. SERENE 2015. Lecture Notes in Computer Science(), vol 9274. Springer, Cham. https://doi.org/10.1007/978-3-319-23129-7_10

Download citation

  • DOI: https://doi.org/10.1007/978-3-319-23129-7_10

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-319-23128-0

  • Online ISBN: 978-3-319-23129-7

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation