Workflow Signatures for Business Process Compliance

Interorganizational workflow systems play a fundamental role in business partnerships. We introduce and investigate the concept of workflow signatures. Not only can these signatures be used to ensure authenticity and protect integrity of workflow data, but also to prove the sequence and logical rela...

Full description

Saved in:
Bibliographic Details
Published in:IEEE transactions on dependable and secure computing 2012-09, Vol.9 (5), p.756-769
Main Authors: Hoon Wei Lim, Kerschbaum, F., Huaxiong Wang
Format: Article
Language:English
Subjects:
applied cryptography
Business
business processes
Compliance auditing
Cryptography
Data integrity
Digital signatures
Electronic mail
Electronics
Engines
Keys
Partnerships
Public key
security compliance
Signatures
Studies
Tasks
Workflow
Workflow software
Citations: Items that this one cites
Items that cite this one
Online Access:Get full text
Tags: Add Tag
No Tags, Be the first to tag this record!
Description
Summary:Interorganizational workflow systems play a fundamental role in business partnerships. We introduce and investigate the concept of workflow signatures. Not only can these signatures be used to ensure authenticity and protect integrity of workflow data, but also to prove the sequence and logical relationships, such as AND-join and AND-split, of a workflow. Hence, workflow signatures can be electronic evidence useful for auditing, that is proving compliance of business processes against some regulatory requirements. Furthermore, signing keys can be used to grant permissions to perform tasks. Since the signing keys are issued on-the-fly, authorization to execute a task within a workflow can be controlled and granted dynamically at runtime. In this paper, we propose a concrete workflow signature scheme, which is based on hierarchical identity-based cryptography, to meet security properties required by interorganizational workflows.
ISSN:1545-5971
1941-0018
DOI:10.1109/TDSC.2012.38