Weak, Strong and Dynamic Controllability of Access-Controlled Workflows Under Conditional Uncertainty

  • Matteo ZavatteriEmail author
  • Carlo Combi
  • Roberto Posenato
  • Luca Viganò
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 10445)


A workflow (WF) is a formal description of a business process in which single atomic work units (tasks), organized in a partial order, are assigned to processing entities (agents) in order to achieve some business goal(s). A workflow management system must coordinate the execution of tasks and WF instances. Usually, the assignment of tasks to agents is accomplished by external constraints not represented in a WF. An access-controlled workflow (ACWF) extends a classical WF by explicitly representing agent availability for each task and authorization constraint. Authorization constraints model which users are authorized for which tasks depending on “who did what”. Recent research has addressed temporal controllability of WFs under conditional and temporal uncertainty. However, controllability analysis for ACWFs under conditional uncertainty has never been addressed before. In this paper, we define weak, strong and dynamic controllability of ACWFs under conditional uncertainty, we present algorithmic approaches to address each of these types of controllability, and we synthesize execution strategies that specify which user has been (or will be) assigned to which task.


Access-controlled workflow Uncertainty Dynamic controllability AI-based security 


  1. 1.
    Cabanillas, C., Resinas, M., del Río-Ortega, A., Cortés, A.R.: Specification and automated design-time analysis of the business process human resource perspective. Inf. Syst. 52, 55–82 (2015). doi: 10.1016/ Scholar
  2. 2.
    Cimatti, A., Hunsberger, L., Micheli, A., Posenato, R., Roveri, M.: Dynamic controllability via timed game automata. Acta Informatica 53(6–8), 681–722 (2016). doi: 10.1007/s00236-016-0257-2MathSciNetCrossRefzbMATHGoogle Scholar
  3. 3.
    Combi, C., Gambini, M., Migliorini, S.: The NestFlow interpretation of workflow control-flow patterns. In: Eder, J., Bielikova, M., Tjoa, A.M. (eds.) ADBIS 2011. LNCS, vol. 6909, pp. 316–332. Springer, Heidelberg (2011). doi: 10.1007/978-3-642-23737-9_23CrossRefGoogle Scholar
  4. 4.
    Combi, C., Gambini, M., Migliorini, S., Posenato, R.: Representing business processes through a temporal data-centric workflow modeling language: an application to the management of clinical pathways. IEEE Trans. Syst. Man Cybern. Syst. 44(9), 1182–1203 (2014). doi: 10.1109/TSMC.2014.2300055CrossRefGoogle Scholar
  5. 5.
    Combi, C., Posenato, R., Viganò, L., Zavatteri, M.: Access controlled temporal networks. In: Proceedings of the 9th International Conference on Agents and Artificial Intelligence (ICAART), pp. 118–131 (2017). doi: 10.5220/0006185701180131
  6. 6.
    Combi, C., Viganò, L., Zavatteri, M.: Security constraints in temporal role-based access-controlled workflows. In: CODASPY 2016, pp. 207–218 (2016). doi: 10.1145/2857705.2857716
  7. 7.
    Dechter, R.: Constraint Processing. Kaufmann, San Francisco (2003)zbMATHGoogle Scholar
  8. 8.
    Dechter, R., Pearl, J.: Network-based heuristics for constraint-satisfaction problems. Artif. Intell. 34(1), 1–38 (1987). doi: 10.1016/0004-3702(87)90002-6MathSciNetCrossRefzbMATHGoogle Scholar
  9. 9.
    Freuder, E.C.: A sufficient condition for backtrack-free search. J. ACM 29, 24–32 (1982)MathSciNetCrossRefGoogle Scholar
  10. 10.
    Gottlob, G.: On minimal constraint networks. Artif. Intell. 191–192, 42–60 (2012). doi: 10.1016/j.artint.2012.07.006MathSciNetCrossRefzbMATHGoogle Scholar
  11. 11.
    Hollingsworth, D.: The workflow reference model (1995).
  12. 12.
    Mackworth, A.K.: Consistency in networks of relations. Artif. Intell. 8(1), 99–118 (1977). doi: 10.1016/0004-3702(77)90007-8MathSciNetCrossRefzbMATHGoogle Scholar
  13. 13.
    Montanari, U.: Networks of constraints: fundamental properties and applications to picture processing. Inf. Sci. 7, 95–132 (1974). doi: 10.1016/0020-0255(74)90008-5MathSciNetCrossRefzbMATHGoogle Scholar
  14. 14.
    Morris, P.H., Muscettola, N., Vidal, T.: Dynamic control of plans with temporal uncertainty. In: IJCAI 2001, pp. 494–502 (2001)Google Scholar
  15. 15.
    Reijers, H., Mendling, J.: Modularity in process models: review and effects. In: Dumas, M., Reichert, M., Shan, M.-C. (eds.) BPM 2008. LNCS, vol. 5240, pp. 20–35. Springer, Heidelberg (2008). doi: 10.1007/978-3-540-85758-7_5CrossRefGoogle Scholar
  16. 16.
    Sandhu, R.S., Coyne, E.J., Feinstein, H.L., Youman, C.E.: Role-based access control models. IEEE Comput. 29(2), 38–47 (1996). doi: 10.1109/2.485845CrossRefGoogle Scholar
  17. 17.
    Wang, Q., Li, N.: Satisfiability and resiliency in workflow authorization systems. ACM Trans. Inf. Syst. Secur. 13(4) (2010). doi: 10.1145/1880022.1880034CrossRefMathSciNetGoogle Scholar

Copyright information

© Springer International Publishing AG 2017

Authors and Affiliations

  • Matteo Zavatteri
    • 1
    Email author
  • Carlo Combi
    • 1
  • Roberto Posenato
    • 1
  • Luca Viganò
    • 2
  1. 1.Dipartimento di InformaticaUniversità di VeronaVeronaItaly
  2. 2.Department of InformaticsLondonUK

Personalised recommendations