Papers
Topics
Authors
Recent
Gemini 2.5 Flash
Gemini 2.5 Flash
184 tokens/sec
GPT-4o
7 tokens/sec
Gemini 2.5 Pro Pro
45 tokens/sec
o3 Pro
4 tokens/sec
GPT-4.1 Pro
38 tokens/sec
DeepSeek R1 via Azure Pro
28 tokens/sec
2000 character limit reached

SecFlow: Adaptive Security-Aware Workflow Management System in Multi-Cloud Environments (2307.05137v1)

Published 11 Jul 2023 in cs.CR and cs.SE

Abstract: In this paper, we propose an architecture for a security-aware workflow management system (WfMS) we call SecFlow in answer to the recent developments of combining workflow management systems with Cloud environments and the still lacking abilities of such systems to ensure the security and privacy of cloud-based workflows. The SecFlow architecture focuses on full workflow life cycle coverage as, in addition to the existing approaches to design security-aware processes, there is a need to fill in the gap of maintaining security properties of workflows during their execution phase. To address this gap, we derive the requirements for such a security-aware WfMS and design a system architecture that meets these requirements. SecFlow integrates key functional components such as secure model construction, security-aware service selection, security violation detection, and adaptive response mechanisms while considering all potential malicious parties in multi-tenant and cloud-based WfMS.

Definition Search Book Streamline Icon: https://streamlinehq.com
References (25)
  1. Marlon Dumas, Marcello La Rosa and Jan Mendling Hajo A. Reijers “Fundamentals of Business process management” In Information Systems 37.6, 2018, pp. 517
  2. “Design and development of an adaptive workflow-enabled spatial-temporal analytics framework” In ICPADS - Int. Conf. Parallel Distrib. Syst. Proc. IEEE, 2012, pp. 862–867
  3. Maria A. Rodriguez and Rajkumar Buyya “Scientific Workflow Management System for Clouds” In Software Architecture for Big Data and the Cloud Elsevier Inc., 2017, pp. 367–387
  4. “A survey on business processes management suites” In Computer Standards & Interfaces 51 Elsevier, 2017, pp. 71–86
  5. “A taxonomy and survey of fault-tolerant workflow management systems in cloud and distributed computing environments” In Software architecture for big data and the cloud Elsevier, 2017, pp. 285–320
  6. Nafiseh Soveizi, Fatih Turkmen and Dimka Karastoyanova “Security and privacy concerns in cloud-based scientific and business workflows: A systematic review” In Future Generation Computer Systems, 2023
  7. Shefali Varshney, Rajinder Sandhu and P K Gupta “QoS Based Resource Provisioning in Cloud Computing Environment: A Technical Survey” In ICACDS, 2019, pp. 711–723
  8. OWASP “Threat modeling cheat sheet”, 2022 URL: https://cheatsheetseries.owasp.org/cheatsheets/Threat%20Modeling%20Cheat%20Sheet.html
  9. Minhaj Ahmad Khan “A survey of security issues for cloud computing” In Journal of Network and Computer Applications 71 Elsevier, 2016, pp. 11–29
  10. Modi al. “Virtualization layer security challenges and intrusion detection/prevention systems in cloud computing: a comprehensive review” In Journal of Supercomputing 73.3 Springer US, 2017, pp. 1192–1234
  11. “A Survey on the Security of Cloud Computing” In ICCAIS 2019 IEEE, 2019, pp. 1–7
  12. Gwan Hwan Hwang, Yi Chan Kao and Yu Cheng Hsiao “Scalable and trustworthy cross-enterprise WfMSs by cloud collaboration” In Proc. IEEE International Congress on Big Data, 2013 IEEE, 2013, pp. 70–77
  13. Nouioua Maroua, Alti Adel and Zouari Belhassen “A new formal proxy-based approach for secure distributed business process on the cloud” In Proc. Int. Conf. on AINA 2018-May, 2018, pp. 973–980
  14. “Machine learning for anomaly detection and categorization in multi-cloud environments” In CSCloud, 2017, pp. 97–103
  15. “Distributed denial of service attacks in cloud: State-of-the-art of scientific and commercial solutions” In Computer Science Review 39 Elsevier, 2021, pp. 100332
  16. Deepak Ranjan Panda, Susanta Kumar Behera and Debasish Jena “A survey on cloud computing security issues, attacks and countermeasures” In Advances in ML and Comp. Intelligence. Springer, 2021, pp. 513–524
  17. “Scientific workflow execution system based on mimic defense in the cloud environment” In Frontiers of Information Technology and Electronic Engineering 19.12, 2018, pp. 1522–1536
  18. “SecDataView: A secure big data workflow management system for heterogeneous computing environments” In ACM International Conference Proceeding Series, 2019, pp. 390–403
  19. Donghoon Kim and Mladen A. Vouk “Securing Scientific Workflows” In Proc: IEEE QRS-C 2015 IEEE, 2015, pp. 95–104
  20. “Automation of service-based security-aware business processes in the Cloud” In Computing 98.9 Springer Vienna, 2016, pp. 847–870
  21. Huang al. “Research on cloud workflow engine supporting three-level isolation and privacy protection” In 2019 IEEE 5th Intl Conference on Big Data Security on Cloud (BigDataSecurity), IEEE Intl Conference on High Performance and Smart Computing,(HPSC) and IEEE Intl Conference on Intelligent Data and Security (IDS), 2019, pp. 160–165 IEEE
  22. “A system architecture for running big data workflows in the cloud” In Proc. IEEE Conf, SCC IEEE, 2014, pp. 51–58
  23. “jBPM: Business Process Management Suite”, https://www.jbpm.org/
  24. “A semi-automated BPMN-based framework for detecting conflicts between security,data-minimization,and fairness requirements” In Software and Systems Modeling 19.5 Springer Berlin Heidelberg, 2020, pp. 1191–1227
  25. CloudSim Plus Contributors “CloudSim Plus” https://github.com/manoelcampos/cloudsim-plus, GitHub repository
Citations (1)
View on Semantic Scholar

Summary

We haven't generated a summary for this paper yet.

Ai Sparkles Streamline Icon: https://streamlinehq.com Summarize Now