Bibliographic Details
Author: dos Santos, Daniel Ricardo
Title: Automatic Techniques for the Synthesis and Assisted Deployment of Security Policies in Workflow-based Applications
Publication: University of Trento, 2017-03-06
Abstract: Workflows specify a collection of tasks that must be executed under the responsibility or supervision of human users. Workflow management systems and workflow-driven applications need to enforce security policies in the form of access control, specifying which users can execute which tasks, and authorization constraints, such as Separation/Binding of Duty, further restricting the execution of tasks at run-time. Enforcing these policies is crucial to avoid fraud and malicious use, but it may lead to situations where a workflow instance cannot be completed without the violation of the policy. The Workflow Satisfiability Problem (WSP) asks whether there exists an assignment of users to tasks in a workflow such that every task is executed and the policy is not violated. The run-time version of this problem amounts to answering user requests to execute tasks positively if the policy is respected and the workflow instance is guaranteed to terminate. The WSP is inherently hard, but solutions to this problem have a practical application in reconciling business compliance (stating that workflow instances should follow the specified policies) and business continuity (stating that workflow instances should be deadlock-free). Related problems, such as finding execution scenarios that not only satisfy a workflow but also satisfy other properties (e.g., that a workflow instance is still satisfiable even in the absence of users), can be solved at deployment-time to help users design policies and reuse available workflow models. The main contributions of this thesis are three: 1. We present a technique to synthesize monitors capable of solving the run-time version of the WSP, i.e., capable of answering user requests to execute tasks in such a way that the policy is not violated and the workflow instance is guaranteed to terminate. The technique is extended to modular workflow specifications, using components and gluing assertions. This allows us to compose synthesized monitors, reuse workflow models, and synthesize monitors for large models. 2. We introduce and present techniques to solve a new class of problems called Scenario Finding Problems, i.e., finding execution scenarios that satisfy properties of interest to users. Solutions to these problems can assist customers during the deployment of reusable workflow models with custom authorization policies. 3. We implement the proposed techniques in two tools. Cerberus integrates monitor synthesis, scenario finding, and run-time enforcement into workflow management systems. Aegis recovers workflow models from web applications using process mining, synthesizes monitors, and invokes them at run-time by using a reverse proxy. An extensive experimental evaluation shows the practical applicability of the proposed approaches on realistic and synthetic (for scalability) problem instances.
Note: Related to http://eprints-phd.biblio.unitn.it/1906/
application/pdf
Secondary authors: Ranise, Silvio
Compagna, Luca
Ponta, Serena
MIUR class: INF/01 - INFORMATICA
Digital resource: Copy deposited in the BNCF University Repository
LEADER 04025nam a2200277 n 4500
001 TD17025669
005 20200923012345.0
049 |a TDMAGDIG 
100 |a 20190501d2017 --k--ita-50----ba  
200 1 |a Automatic Techniques for the Synthesis and Assisted Deployment of Security Policies in Workflow-based Applications  |b Tesi di dottorato 
210 1 |c University of Trento  |d 2017-03-06 
300 |a In relazione con http://eprints-phd.biblio.unitn.it/1906/ 
328 0 |b tesi di dottorato  |c INF/01 INFORMATICA  |e University of Trento 
336 |a application/pdf  |a application/pdf 
689 0 |a INF/01  |b INFORMATICA  |c TDR 
700 0 |a dos Santos, Daniel Ricardo 
702 0 |a Ranise, Silvio 
702 0 |a Compagna, Luca 
702 0 |a Ponta, Serena 
801 3 |a IT  |b IT-FI0098 
856 4 |u http://memoria.depositolegale.it/*/http://eprints-phd.biblio.unitn.it/1906/1/thesis.pdf  |2 http://eprints-phd.biblio.unitn.it/1906/1/thesis.pdf 
856 4 |u http://memoria.depositolegale.it/*/http://eprints-phd.biblio.unitn.it/1906/2/disclaimer.pdf  |2 http://eprints-phd.biblio.unitn.it/1906/2/disclaimer.pdf 
977 |a  CR 
FMT |a TD 
FOR |a TD 
Doctoral thesis | Language: | Country: | BID: TD17025669