A Model for Security in Agent-based Workflows

Introduction

Workflow environments have benefited hugely from the technical advancements made available by the Internet over the last years. Many workflow environments today are implemented over public networks such as the Internet. Because workflow environments in most situations represent the "bread-and-butter" of a company, their implementation has raised serious information security problems. Organizations are concerned about their privacy on the net as well as the privacy of client information.

As with other systems, the information security requirements of a workflow system are modelled on the ISO 7498-2 standard. This standard proposes the following information security services: identification and authentication, authorization (access control), confidentiality, integrity, and non-repudiation. Mechanisms for each of these services must be employed to secure a workflow environment. Identification and authentication, confidentiality and non-repudiation services are implemented similarly to those in non-workflow environments. The services of authorization (with the main focus on access control) and integrity require special design considerations and implementation details. For example, access control requires the modelling of access based on the type of tasks to be performed on the objects travelling around in a workflow environment. A unique feature of integrity in a workflow environment is to preserve the contents of objects according to business rules. These business rules are linked to the operational characteristics of an organization.

There is a need for new approaches modelling the design and implementation of the access control and integrity services in workflow environments. Currently available research results in the area of access control are dominated by models of role-based access control (RBAC). RBAC shows good potential to be successfully employed in a workflow system. The information security principle of separation of duties (SoD) is important in the modelling of integrity in a workflow environment. A physical and logical separation of tasks can improve the prevention of fraudulent activities.

Agent technology shows great potential in the field of workflow systems. Furthermore, information security aspects like RBAC and SoD can be considered in the agent-based implementation of workflows. Therefore, the primary aim of this paper is to give an architectural model and a framework for implementing access control and integrity in a workflow environment. Intelligent and mobile agents are applied to current workflow technology to meet access control and integrity requirements.

The remainder of the paper has the following structure: Section 2 gives an introduction to workflow environments and agents. Section 3 describes a sample process which will be used for illustration purposes throughout the paper. An architecture for agent-based workflows and its different agent types are discussed in Section 4. Section 5 introduces the notions of RBAC and SoD and gives a formal model for them within the workflow environment. Implementation of several security features in an agent-based workflow system is the topic of Section 6. Section 7 gives a conclusion.
