Workflow signatures for business process compliance
Author
Lim, Hoon Wei
Kerschbaum, Florian
Wang, Huaxiong
Date of Issue
2012School
School of Physical and Mathematical Sciences
Abstract
Interorganizational workflow systems play a fundamental role in business partnerships. We introduce and investigate the concept of workflow signatures. Not only can these signatures be used to ensure authenticity and protect integrity of workflow data, but also to prove the sequence and logical relationships, such as AND-join and AND-split, of a workflow. Hence, workflow signatures can be electronic evidence useful for auditing, that is proving compliance of business processes against some regulatory requirements. Furthermore, signing keys can be used to grant permissions to perform tasks. Since the signing keys are issued on-the-fly, authorization to execute a task within a workflow can be controlled and granted dynamically at runtime. In this paper, we propose a concrete workflow signature scheme, which is based on hierarchical identity-based cryptography, to meet security properties required by interorganizational workflows.
Type
Journal Article
Series/Journal Title
IEEE transactions on dependable and secure computing
Collections
http://dx.doi.org/10.1109/TDSC.2012.38
Get published version (via Digital Object Identifier)