Abstract
This paper presents a new solution to deal with security in dynamic Inter-Organizational Workflow (IOW) Systems. The IOW system aims to support the collaboration between distributed business processes running in several autonomous organizations in order to complete a set of common goals. In such dynamic environments, where participating organizations (partners) in the IOW are not known before its execution, many security breaches could arise. Thus, we propose a new automated security-driven solution based on i) partner selection ii) access control partner negotiation and policy conflict resolution.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Similar content being viewed by others
References
Bouaziz, W., Andonoff, E.: Autonomic protocol-based coordination in dynamic inter-organizational workflow: HAL Id: hal-01233227 (2015)
El Kandoussi, A., El Bakkali, H.: On access control requirements for inter-organizational workflow. In: Proceedings of the 4th Edition of National Security Days, JNS4 2014 (2014)
Kovács, G., Kot, S.: Economic and social effects of novel supply chain concepts and virtual enterprises. J. Int. Stud. 10(1), 237–254 (2017)
El Kandoussi, A., El Bakkali, H.: Security based partner selection in inter-organizational workflow systems. Int. J. Commun. Networks Inf. Secur. 10(3), 462–471 (2018)
Jatoth, C., Gangadharan, G.R., Fiore, U., Buyya, R.: SELCLOUD: a hybrid multi-criteria decision-making model for selection of cloud services. Soft Comput. 23, 1–15 (2018)
Sadigh, B.L., Nikghadam, S., Ozbayoglu, A.M., Unver, H.O., Dogdu, E., Kilic, S.E.: An ontology-based multi-agent virtual enterprise system (OMAVE): part 2: partner selection. Int. J. Comput. Integr. Manuf. 30(10), 1072–1092 (2017)
Brahimi, M.: An agents’ model using ontologies and web services for creating and managing virtual enterprises. Int. J. Comput. Digit. Syst. 8(1), 1–9 (2019)
Andonoff, E., Bouaziz, W., Hanachi, C., Bouzguenda, L.: An agent-based model for autonomic coordination of inter-organizational business processes. Informatica 20(3), 323–342 (2009)
Sandhu, R.S.: Role-based access control. Adv. Comput. 46, 237–286 (1998)
Oh, S., Park, S.: Task–role-based access control model. Inf. Syst. 28(6), 533–562 (2003)
Ma, G.: A flexible policy-based access control model for workflow management systems (2011)
El Bakkali, H., Hatim, H.: RB-WAC: new approach for access control in workflows. In: 2009 IEEE/ACS International Conference on Computer Systems and Applications, AICCSA 2009, pp. 637–640 (2009)
Haguouche, S., Jarir, Z.: Towards a secure and borderless collaboration between organizations: an automated enforcement mechanism. Secur. Commun. Networks 2018, 13 (2018)
Salehi, A., Rudolph, C., Grobler, M.: A dynamic cross-domain access control model for collaborative healthcare application. In: 2019 IFIP/IEEE Symposium on Integrated Network and Service Management, IM 2019, pp. 643–648 (2019)
Li, W.: A community cloud oriented workflow system framework and its scheduling strategy. In: Proceedings - 2010 Symposium on Web Society, SWS 2010, pp. 316–325 (2010)
Alotaiby, F.T., Chen, J.X.: A model for team-based access control (TMAC 2004). In: International Conference Information Technology: Coding and Computing, ITCC, vol. 1, pp. 450–454 (2004)
Chakraborty, S., Ray, I.: TrustBAC - Integrating Trust Relationships into the RBAC Model for Access Control in Open Systems. In: Proceedings Eleventh ACM Symposium Access Control Models and Technologies - SACMAT 2006, p. 49 (2006)
Tolone, W., Ahn, G.-J., Pai, T., Hong, S.-P.: Access control in collaborative systems. ACM Comput. Surv. 37(1), 29–41 (2005)
Andonoff, E., Bouzguenda, L.: Agent-based negotiation between partners in loose inter-organizational workflow. In: Proceedings - 2005 IEEE/WIC/ACM International Conference on Intelligent Agent Technology, IAT 2005, June 2014, vol. 2005, pp. 619–625 (2005)
Hummer, W., Gaubatz, P., Strembeck, M., Zdun, U., Dustdar, S.: Enforcement of entailment constraints in distributed service-based business processes. Inf. Softw. Technol. 55(11), 1884–1903 (2013)
Goel, A.: Specification and modelling of workflow management systems with state based access control (2016)
Mollahoseini Ardakani, M.R., Hashemi, S.M., Razzazi, M.: A cloud-based solution/reference architecture for establishing collaborative networked organizations. J. Intell. Manuf. 30, 1–17 (2018)
Rizvi, S.S., Bolish, T.A., Pfeffer, J.R.: Security evaluation of cloud service providers using third party auditors. In: ACM International Conference Proceeding Series (2017)
Rahimi, H., El Bakkali, H.: CIOSOS: combined idiomatic-ontology based sentiment orientation system for trust reputation in E-commerce. Adv. Intell. Syst. Comput. 369, 189–200 (2015)
El Uahhabi, Z., El Bakkali, H.: Calculating and evaluating trustworthiness of certification authority. Int. J. Commun. Networks Inf. Secur. 8(3), 136–146 (2016)
Author information
Authors and Affiliations
Corresponding authors
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2021 The Editor(s) (if applicable) and The Author(s), under exclusive license to Springer Nature Switzerland AG
About this paper
Cite this paper
El Kandoussi, A., El Bakkali, H. (2021). Automated Security Driven Solution for Inter-Organizational Workflows. In: Abraham, A., Shandilya, S., Garcia-Hernandez, L., Varela, M. (eds) Hybrid Intelligent Systems. HIS 2019. Advances in Intelligent Systems and Computing, vol 1179. Springer, Cham. https://doi.org/10.1007/978-3-030-49336-3_35
Download citation
DOI: https://doi.org/10.1007/978-3-030-49336-3_35
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-49335-6
Online ISBN: 978-3-030-49336-3
eBook Packages: Intelligent Technologies and RoboticsIntelligent Technologies and Robotics (R0)