سیستم جریان کار AutoWF - A وب سایت امن با استفاده از اشیاء خودگردان

Workflow management systems (WFMS) automate business processes where information flows between individuals. WFMS have two major implications for security: First, since the description of a workflow process explicitly states when which function is to be performed by whom, security specifications may be derived from such descriptions and translated into static role-based specifications. Second, since the WFMS is to be operated on the Web using web agents, dynamic and individual security rules must be enforced. AutoWF includes both types of security policies. AutoWF is implemented on top of a powerful software foundation––autonomous objects. Both general workflow management tasks and specific functional tasks are implemented as autonomous objects distributed over the Internet. This paper surveys some of the concepts on which the system is based, it then concentrates on the design and architectural issues of the AutoWF system, and finally we present some implementation examples.

Workflow management systems (WFMS) automate traditional processes where information flows between individuals. Although WFMS have been in existence for a number of years, the trend towards greater interconnection will greatly impact such systems. On the one hand, interaction will involve more and more non-human participants. On the other hand the participants in workflow processes will become more and more unrelated, and therefore, their security becomes a major concern. The key to secure implementation of WFMS is proper authentication and authorization of participants in a workflow process. It is our contention that Alter-egos (see [8] and Section 2) are particularly suitable for authentication, while roles are particularly suitable for authorization. Stated differently, we will assume that a potential participant will present an Alter-ego that will serve as a proof of the participant's identity and which, along with other information, will identify the participant's role. In earlier papers we discussed the concept of Alter-egos [15] and the derivation of security and privacy rules for a workflow system using them. In [8] we also presented an example implementation which was based on a specific prolog based object-oriented system called Mokum [13]. In [7] we generalized and formalized the above model using the Z formal specification language [20], and we presented a very general architecture on top of which this model can be implemented. In this paper we focus on an architecture and implementation which is based on the concept of autonomous objects [11]. Autonomous objects represent active database objects which can be distributed over the Internet, yet they are connected by a single name space, can communicate securely between them, and have special gates to their functional methods called guards which can be used to verify security before any action is performed. This makes them a very convenient tool for implementing a secure workflow system over the Internet. The rest of this paper is structured as follows: Section 2 gives some background on Alter-egos, workflow and security, and introduces the Bank loan workflow example. This section also reviews the concept of autonomous objects and briefly describes the AutO system. Section 3 discusses in more detail some of the security problems occurring in workflow systems, in particular the concept of dynamic authorization, and then presents our model for solving them. Section 4 presents the architecture of the AutoWF system and its mapping to autonomous objects. Section 5 presents some more details on some of the system components such as the Dynamic Authorization administrator. Section 6 presents an implemented test case, and Section 7 contains the conclusions of the paper. For reasons of space, the full specifications (in Z) of the AutoWF system is not given, and can be found in [18].

This paper discussed the design of a secure workflow system based on the paradigms of Alter-egos and dynamic authorization and constructed an implementation on top of a powerful object-oriented foundation of autonomous objects over the Internet. The system integrates the concepts of role-based and dynamic authorization in a single framework. Although, some concepts of this paper have appeared before, this is the first attempt to describe an actual implementation of such workflow system in a modern Web-based environment. The implementation was demonstrated by a real-life example of several workflow users participating in a “game”. In the future we plan to expand the capabilities of the system, as well as investigate its implementation on top of standard foundations such as EJBs (or ActiveX). In order to do this we need to allow EJB to support AutO's guards mechanism (which can be done by an EJB proxy object …) but otherwise such porting should be quite straightforwards.