论文信息 - Modeling and Validating E-Commerce Business Process Based on Petri Nets

Modeling and Validating E-Commerce Business Process Based on Petri Nets

E-commerce and online shopping with a third-party payment platform have rapidly developed recently, and encountered many fault tolerance and security problems concerned by users. The causes of these problems include malicious behavior and imperfect business processes. The latter lead to the emergence of security vulnerabilities and loss of user funds which become more and more serious these years. We focus on the business process of e-commerce, and propose a formal model for constructing an e-commerce business process called an E-commerce Business Process Net. It integrates both data and control flows based on Petri nets. Rationality and transaction consistency are defined and validated to guarantee the transaction properties of an e-commerce business process. This paper offers a complete methodology for modeling and validating an e-commerce system with a third-party payment platform from the view point of a business process. Its use enables a designer to identify errors early in the design process and correct them before the deployment phase. In order to demonstrate the applicability and feasibility of the methodology, we have modeled and validated a real-world e-commerce business process and discovered the problems that cause the violation of transaction properties.

[1] Wil M. P. van der Aalst,et al. Loosely coupled interorganizational workflows: : modeling and analyzing workflows crossing organizational boundaries , 2000, Inf. Manag..

[2] MengChu Zhou,et al. Process Nets With Channels , 2012, IEEE Transactions on Systems, Man, and Cybernetics - Part A: Systems and Humans.

[3] MengChu Zhou,et al. Modeling, Simulation, and Control of Flexible Manufacturing Systems - A Petri Net Approach , 1999, Series in Intelligent Control and Intelligent Automation.

[4] Zhiwu Li,et al. Deadlock Resolution in Automated Manufacturing Systems: A Novel Petri Net Approach , 2009 .

[5] Andrew D. Gordon,et al. Modular verification of security protocol code by typing , 2010, POPL '10.

[6] B. Pfitzmann,et al. Properties of Payment Systems - General Definition Sketch and Classification , 1996 .

[7] Haiyang Sun,et al. Enforcing Business Collaboration Consistency in Business Transaction Net , 2008, 2008 10th IEEE Conference on E-Commerce Technology and the Fifth IEEE Conference on Enterprise Computing, E-Commerce and E-Services.

[8] Sérgio Vale Aguiar Campos,et al. A Formal Methodology to Specify E-commerce Systems , 2002, ICFEM.

[9] MengChu Zhou,et al. A Petri Net-Based Method for Compatibility Analysis and Composition of Web Services in Business Process Execution Language , 2009, IEEE Transactions on Automation Science and Engineering.

[10] Lars Michael Kristensen,et al. Coloured Petri Nets - Modelling and Validation of Concurrent Systems , 2009 .

[11] MengChu Zhou,et al. Modeling and Analysis of Real-Time Cooperative Systems Using Petri Nets , 2007, IEEE Transactions on Systems, Man, and Cybernetics - Part A: Systems and Humans.

[12] Ning Zhang,et al. A security protocol for certified e-goods delivery , 2004, International Conference on Information Technology: Coding and Computing, 2004. Proceedings. ITCC 2004..

[13] MengChu Zhou,et al. Compositional time Petri nets and reduction rules , 2000, IEEE Trans. Syst. Man Cybern. Part B.

[14] Vitaly Shmatikov,et al. Finite-state analysis of two contract signing protocols , 2002, Theor. Comput. Sci..

[15] Naiqi Wu,et al. System Modeling and Control with Resource-Oriented Petri Nets , 2009 .

[16] Elias Pimenidis,et al. WEB SERVICES ENABLING VIRTUAL ENTERPRISE TRANSACTIONS , 2006 .

[17] J. D. Tygar,et al. Atomicity in electronic commerce , 1998, PODC '96.

[18] Haiyang Sun,et al. TiCoBTx-Net: A Model to Manage Temporal Consistency of Service-Oriented Business Collaboration , 2012, IEEE Transactions on Services Computing.

[19] Shiyong Lu,et al. Model checking the secure electronic transaction (SET) protocol , 1999, MASCOTS '99. Proceedings of the Seventh International Symposium on Modeling, Analysis and Simulation of Computer and Telecommunication Systems.

[20] MengChu Zhou,et al. A Petri Net Approach to Analysis and Composition of Web Services , 2010, IEEE Transactions on Systems, Man, and Cybernetics - Part A: Systems and Humans.

[21] Martín Abadi,et al. Security Protocols: Principles and Calculi , 2007, FOSAD.

[22] MengChu Zhou,et al. A Petri-Net-Based Correctness Analysis of Internet Stock Trading Systems , 2008, IEEE Transactions on Systems, Man, and Cybernetics, Part C (Applications and Reviews).

[23] MengChu Zhou,et al. A Petri Net-Based Model for Verification of Obligations and Accountability in Cooperative Systems , 2009, IEEE Trans. Syst. Man Cybern. Part A.

[24] Rui Wang,et al. How to Shop for Free Online -- Security Analysis of Cashier-as-a-Service Based Web Stores , 2011, 2011 IEEE Symposium on Security and Privacy.

[25] MengChu Zhou,et al. Reduction and Refinement by Algebraic Operations for Petri Net Transformation , 2012, IEEE Transactions on Systems, Man, and Cybernetics - Part A: Systems and Humans.

[26] Wil M. P. van der Aalst,et al. Ensuring correctness during process configuration via partner synthesis , 2012, Inf. Syst..

[27] Wil M. P. van der Aalst,et al. Inheritance of workflows: an approach to tackling problems related to change , 2002 .

[28] MengChu Zhou,et al. Petri net synthesis for discrete event control of manufacturing systems , 1992, The Kluwer international series in engineering and computer science.

[29] Haiyang Sun,et al. BTx-Net: A Token Based Dynamic Model for Supporting Consistent Collaborative Business Transactions , 2007, IEEE International Conference on Services Computing (SCC 2007).

[30] Panagiotis Katsaros,et al. A roadmap to electronic payment transaction guarantees and a Colored Petri Net model checking approach , 2009, Inf. Softw. Technol..

[31] Zhangkai Wang. Analyzing a Fair Exchange E-commerce Protocol Using CSP and FDR , 2010, 2010 International Conference on e-Education, e-Business, e-Management and e-Learning.

[32] James V. Hansen,et al. Model checking for E-business control and assurance , 2005, IEEE Transactions on Systems, Man, and Cybernetics, Part C (Applications and Reviews).

[33] Indrajit Ray,et al. Failure analysis of an e-commerce protocol using model checking , 2000, Proceedings Second International Workshop on Advanced Issues of E-Commerce and Web-Based Information Systems. WECWIS 2000.

[34] Changjun Jiang,et al. Verifying functions in online stock trading systems , 2008, Journal of Computer Science and Technology.

[35] Peter G. Neumann,et al. Principled assuredly trustworthy composable architectures , 2003 .

[36] Changjun Jiang,et al. Modeling and monitoring of E-commerce workflows , 2009, Inf. Sci..

[37] Wil M. P. van der Aalst,et al. Verification of Workflow Nets , 1997, ICATPN.

[38] MengChu Zhou,et al. Interactive Petri Nets , 2013, IEEE Transactions on Systems, Man, and Cybernetics: Systems.

[39] MengChu Zhou,et al. Business and Scientific Workflows: A Web Service-Oriented Approach , 2013 .

[40] Indrajit Ray,et al. An anonymous and failure resilient fair-exchange e-commerce protocol , 2005, Decis. Support Syst..

[41] Jeannette M. Wing,et al. Model checking electronic commerce protocols , 1996 .