Resiliency Variance in Workflows with Choice

Computing a user-task assignment for a workflow coming with probabilistic user availability provides a measure of completion rate or resiliency. To a workflow designer this indicates a risk of failure, especially useful for workflows which cannot be changed due to rigid security constraints. Furthermore, resiliency can help outline a mitigation strategy which states actions that can be performed to avoid workflow failures. A workflow with choice may have many different resiliency values, one for each of its execution paths. This makes understanding failure risk and mitigation requirements much more complex. We introduce resiliency variance, a new analysis metric for workflows which indicates volatility from the resiliency average. We suggest this metric can help determine the risk taken on by implementing a given workflow with choice. For instance, high average resiliency and low variance would suggest a low risk of workflow failure.

[1]  Manfred Reichert,et al.  Enabling Flexibility in Process-Aware Information Systems , 2012, Springer Berlin Heidelberg.

[2]  Charles Morisset,et al.  Impact of Policy Design on Workflow Resiliency Computation Time , 2015, QEST.

[3]  Hanan El Bakkali Enhancing Workflow Systems Resiliency by Using Delegation and Priority Concepts , 2013, J. Digit. Inf. Manag..

[4]  David A. Basin,et al.  Optimal workflow-aware authorizations , 2012, SACMAT '12.

[5]  Akhil Kumar,et al.  W-RBAC - A Workflow Security Model Incorporating Controlled Overriding of Constraints , 2003, Int. J. Cooperative Inf. Syst..

[6]  Jan H. P. Eloff,et al.  Separation of duties for access control enforcement in workflow environments , 2001, IBM Syst. J..

[7]  Andreas Schaad,et al.  A Secure Task Delegation Model for Workflows , 2008, 2008 Second International Conference on Emerging Security Information, Systems and Technologies.

[8]  Wil M. P. van der Aalst,et al.  An Alternative Way to Analyze Workflow Graphs , 2002, CAiSE.

[9]  Christoph Bussler,et al.  On Structured Workflow Modelling , 2000, CAiSE.

[10]  Amit P. Sheth,et al.  An overview of workflow management: From process modeling to workflow automation infrastructure , 1995, Distributed and Parallel Databases.

[11]  Johann Eder,et al.  Workflow recovery , 1996, Proceedings First IFCIS International Conference on Cooperative Information Systems.

[12]  Ninghui Li,et al.  Satisfiability and Resiliency in Workflow Authorization Systems , 2010, TSEC.

[13]  Akhil Kumar,et al.  Dynamic Work Distribution in Workflow Management Systems: How to Balance Quality and Performance , 2002, J. Manag. Inf. Syst..

[14]  David A. Basin,et al.  Obstruction-Free Authorization Enforcement: Aligning Security with Business Objectives , 2011, 2011 IEEE 24th Computer Security Foundations Symposium.

[15]  Charles Morisset,et al.  Modelling user availability in workflow resiliency analysis , 2015, HotSoS.

[16]  Manfred Reichert,et al.  Enabling Flexibility in Process-Aware Information Systems: Challenges, Methods, Technologies , 2012 .

[17]  Aswath Damodaran,et al.  Strategic Risk Taking: A Framework for Risk Management , 2007 .

[18]  Nora Cuppens-Boulahia,et al.  Security policy compliance with violation management , 2007, FMSE '07.

[19]  Andreas Schaad,et al.  Classification Model for Access Control Constraints , 2007, 2007 IEEE International Performance, Computing, and Communications Conference.

[20]  Gregory Gutin,et al.  On the Parameterized Complexity and Kernelization of the Workflow Satisfiability Problem , 2013, TSEC.

[21]  Paul Watson,et al.  Developing cloud applications using the e-Science Central platform , 2013, Philosophical Transactions of the Royal Society A: Mathematical, Physical and Engineering Sciences.

[22]  R. Bellman A Markovian Decision Process , 1957 .

[23]  Dean Povey Optimistic security: a new access control paradigm , 1999, NSPW '99.

[24]  Akhil Kumar,et al.  Research Commentary: Workflow Management Issues in e-Business , 2002, Inf. Syst. Res..

[25]  Marta Z. Kwiatkowska,et al.  PRISM 4.0: Verification of Probabilistic Real-Time Systems , 2011, CAV.

[26]  Charles Morisset,et al.  Quantitative Workflow Resiliency , 2014, ESORICS.

[27]  Wil M. P. van der Aalst,et al.  Workflow Exception Patterns , 2006, CAiSE.

[28]  Srdjan Marinovic,et al.  Rumpole: a flexible break-glass access control model , 2011, SACMAT '11.

[29]  D. Hollingsworth The Workflow Reference Model: 10 Years On , 2004 .

[30]  Jason Crampton,et al.  An Auto-delegation Mechanism for Access Control Systems , 2010, STM.