Handling signature purposes in workflow systems

Abstract In paper-based workflow systems, signatures of individuals or groups of people have been used extensively for different purposes. Currently there are numerous studies on computerizing workflow systems. Also there are studies on implementing digital signatures in electronic media. But the diversified purposes of a signature in workflow makes a straightforward implementation of digital signature schemes inadequate. There are few studies on the implication of different signature purposes on electronic workflow systems. The purposes of signature are closely associated with the two modes of decision making, namely single and group. These two modes of decision making in turn lead to single and group signatures. This paper reports our comprehensive studies on signature purposes. These include the analysis of common signature purposes in workflow, classification of these purposes, classification of modes of decision making associated with these signature purposes, signing and validation requirements for handling these signature purposes, and finally an architecture to be incorporated in workflow engines for handling these signature purposes. In summary, this paper addresses a commonly neglected problem in information systems research: management control by signature in workflow.

[1]  염흥렬,et al.  [서평]「Applied Cryptography」 , 1997 .

[2]  Anne Elisabeth Haxthausen,et al.  The Raise Specification Language , 1992 .

[3]  Lucas Chi Kwong Hui,et al.  Integrating Different Signature Purposes in Workflow Systems - A Case Study , 1999, ICSC.

[4]  Alfred Menezes,et al.  The Elliptic Curve Digital Signature Algorithm (ECDSA) , 2001, International Journal of Information Security.

[5]  Lucas C. K. Hui,et al.  Extending the Liaison Workflow model and engine to support different signature purposes , 1999, Proceedings Sixth Asia Pacific Software Engineering Conference (ASPEC'99) (Cat. No.PR00509).

[6]  Karl R. P. H. Leung,et al.  Valmont: a language for workflow programming , 1998, Proceedings of the Thirty-First Hawaii International Conference on System Sciences.

[7]  Domaine de Voluceau A Workflow Vista of the Software Process , 1997 .

[8]  Douglas R. Stinson,et al.  Cryptography: Theory and Practice , 1995 .

[9]  Andrea Klug Workflow Handbook 1997 , 1997 .

[10]  Keith C. C. Chan,et al.  Liaison: a workflow model for novel applications , 1998, Proceedings 1998 Asia Pacific Software Engineering Conference (Cat. No.98EX240).

[11]  Warwick Ford,et al.  Secure electronic commerce , 1997 .

[12]  Frank Leymann,et al.  Business process management with FlowMark , 1994, Proceedings of COMPCON '94.

[13]  Karl R. P. H. Leung,et al.  Software development as a workflow process , 1997, Proceedings of Joint 4th International Computer Science Conference and 4th Asia Pacific Software Engineering Conference.

[14]  Lucas Chi Kwong Hui,et al.  Multiple signature handling in workflow systems , 2000, Proceedings of the 33rd Annual Hawaii International Conference on System Sciences.

[15]  Dirk Fox,et al.  Digital Signature Standard (DSS) , 2001, Datenschutz und Datensicherheit.

[16]  Lucas Chi Kwong Hui,et al.  Signature management in workflow systems , 1999, Proceedings. Twenty-Third Annual International Computer Software and Applications Conference (Cat. No.99CB37032).

[17]  Taher El Gamal A public key cryptosystem and a signature scheme based on discrete logarithms , 1984, IEEE Trans. Inf. Theory.

[18]  Karl R. P. H. Leung,et al.  The Liaison Workflow engine architecture , 1999, Proceedings of the 32nd Annual Hawaii International Conference on Systems Sciences. 1999. HICSS-32. Abstracts and CD-ROM of Full Papers.

[19]  T. Elgamal A public key cryptosystem and a signature scheme based on discrete logarithms , 1984, CRYPTO 1984.

[20]  Adi Shamir,et al.  A method for obtaining digital signatures and public-key cryptosystems , 1978, CACM.