Towards a Security Framework for Artifact-centric Workflows Leveraging Runtime Enforcement

By: Gaurav Gupta, Saumya Shankar, Srinivas Pinisetty

Abstract

A business process is made up of a set of activities that are carried out to create products or services. This series of activities is often analogous to the set of actions performed on an artifact (document). Aside from privacy (unauthorized access should be avoided) and integrity (the document should not be tampered with), the document has "lifecycle" constraints (modifications should be made in a predefined sequence). Any document manipulation that does not adhere to the lifecycle constraints is considered invalid. So far, cryptographic, centralized, and static verification approaches have been exploited to achieve compliance with the lifecycle, which have their respective limitations. In this paper, we design and develop a framework leveraging formal runtime enforcement approaches to enforce the lifecycle constraints of a document at runtime, preserving its integrity and privacy using cryptographic approaches alongside. The proposed framework has been implemented, and enforcement of constraints is demonstrated in the considered scenarios.

Keywords

Artifact Lifecycle, Runtime Enforcement, Cryptography, Business Process Models

Cite as:

Gaurav Gupta, Saumya Shankar, Srinivas Pinisetty, “Towards a Security Framework for Artifact-centric Workflows Leveraging Runtime Enforcement”, Journal of Object Technology, Volume 23, no. 2 (March 2024), pp. 2:1-30, doi:10.5381/jot.2024.23.2.a1.