【 摘 要 】

A core motivation of service-oriented execution of business processes is the opportunity to reduce costs by outsourcing certain tasks to third-party service providers. For legal or economic reasons, it might be undesirable that delicate information (e. g., customer data, trade secrets, or financial details) “leak” to the involved third parties. The absence of such leaks — called noninterference — can be checked automatically. To this end, a model is required in which each task is assessed as either con- fidential or public. A drawback of this method is that (1) this distinction has to be made for each task prior to the verification and that (2) an unsuccessful check requires a new confidentiality assessment followed by another verification step. This paper introduces a full-automatic technique to complete partial confidentiality assessments while guaranteeing noninterference. The proposed technique can be integrated into the design phase of a service-oriented business process and help the modeler choose which tasks can be safely outsourced.

【 预 览 】

附件列表

Files	Size	Format	View
Model support for confidential service-oriented business processes	418KB	PDF	download