Modelling user availability in workflow resiliency analysis

John C. Mace; Charles Morisset; Aad Van Moorsel

doi:10.1145/2746194.2746201

Modelling user availability in workflow resiliency analysis

John C. Mace
, Charles Morisset
, Aad Van Moorsel

Computer Science

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

Abstract

Workflows capture complex operational processes and include security constraints limiting which users can perform which tasks. An improper security policy may prevent certain tasks being assigned and may force a policy violation. Deciding whether a valid user-task assignment exists for a given policy is known to be extremely complex, especially when considering user unavailability (known as the resiliency problem). Therefore tools are required that allow automatic evaluation of workflow resiliency. Modelling well defined workflows is fairly straightforward, however user availability can be modelled in multiple ways for the same workflow. Correct choice of model is a complex yet necessary concern as it has a major impact on the calculated resiliency. We describe a number of user availability models and their encoding in the model checker PRISM, used to evaluate resiliency. We also show how model choice can affect resiliency computation in terms of its value, memory and CPU time.

Original language	English
Title of host publication	Proceedings of the 2015 Symposium and Bootcamp on the Science of Security, HotSoS 2015
Publisher	Association for Computing Machinery
ISBN (Electronic)	9781450333764
DOIs	https://doi.org/10.1145/2746194.2746201
Publication status	Published - 21 Apr 2015
Event	Symposium and Bootcamp on the Science of Security, HotSoS 2015 - Urbana, United States Duration: 21 Apr 2015 → 22 Apr 2015

Publication series

Name	ACM International Conference Proceeding Series
Volume	21-22-April-2015

Conference

Conference	Symposium and Bootcamp on the Science of Security, HotSoS 2015
Country/Territory	United States
City	Urbana
Period	21/04/15 → 22/04/15

Bibliographical note

Publisher Copyright:
Copyright 2015 ACM.

Keywords

Markov Decision Process
Probabilistic model checker
Workflow satisfiability problem

ASJC Scopus subject areas

Software
Human-Computer Interaction
Computer Vision and Pattern Recognition
Computer Networks and Communications

Access to Document

10.1145/2746194.2746201

Cite this

@inproceedings{658e266b3b6f458184c66cad6dac0848,

title = "Modelling user availability in workflow resiliency analysis",

abstract = "Workflows capture complex operational processes and include security constraints limiting which users can perform which tasks. An improper security policy may prevent certain tasks being assigned and may force a policy violation. Deciding whether a valid user-task assignment exists for a given policy is known to be extremely complex, especially when considering user unavailability (known as the resiliency problem). Therefore tools are required that allow automatic evaluation of workflow resiliency. Modelling well defined workflows is fairly straightforward, however user availability can be modelled in multiple ways for the same workflow. Correct choice of model is a complex yet necessary concern as it has a major impact on the calculated resiliency. We describe a number of user availability models and their encoding in the model checker PRISM, used to evaluate resiliency. We also show how model choice can affect resiliency computation in terms of its value, memory and CPU time.",

keywords = "Markov Decision Process, Probabilistic model checker, Workflow satisfiability problem",

author = "Mace, \{John C.\} and Charles Morisset and \{Van Moorsel\}, Aad",

year = "2015",

month = apr,

day = "21",

doi = "10.1145/2746194.2746201",

language = "English",

series = "ACM International Conference Proceeding Series",

publisher = "Association for Computing Machinery",

booktitle = "Proceedings of the 2015 Symposium and Bootcamp on the Science of Security, HotSoS 2015",

}

Mace, JC, Morisset, C & Van Moorsel, A 2015, Modelling user availability in workflow resiliency analysis. in Proceedings of the 2015 Symposium and Bootcamp on the Science of Security, HotSoS 2015., 2746201, ACM International Conference Proceeding Series, vol. 21-22-April-2015, Association for Computing Machinery, Symposium and Bootcamp on the Science of Security, HotSoS 2015, Urbana, United States, 21/04/15. https://doi.org/10.1145/2746194.2746201

Modelling user availability in workflow resiliency analysis. / Mace, John C.; Morisset, Charles; Van Moorsel, Aad.
Proceedings of the 2015 Symposium and Bootcamp on the Science of Security, HotSoS 2015. Association for Computing Machinery, 2015. 2746201 (ACM International Conference Proceeding Series; Vol. 21-22-April-2015).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

TY - GEN

T1 - Modelling user availability in workflow resiliency analysis

AU - Mace, John C.

AU - Morisset, Charles

AU - Van Moorsel, Aad

PY - 2015/4/21

Y1 - 2015/4/21

N2 - Workflows capture complex operational processes and include security constraints limiting which users can perform which tasks. An improper security policy may prevent certain tasks being assigned and may force a policy violation. Deciding whether a valid user-task assignment exists for a given policy is known to be extremely complex, especially when considering user unavailability (known as the resiliency problem). Therefore tools are required that allow automatic evaluation of workflow resiliency. Modelling well defined workflows is fairly straightforward, however user availability can be modelled in multiple ways for the same workflow. Correct choice of model is a complex yet necessary concern as it has a major impact on the calculated resiliency. We describe a number of user availability models and their encoding in the model checker PRISM, used to evaluate resiliency. We also show how model choice can affect resiliency computation in terms of its value, memory and CPU time.

AB - Workflows capture complex operational processes and include security constraints limiting which users can perform which tasks. An improper security policy may prevent certain tasks being assigned and may force a policy violation. Deciding whether a valid user-task assignment exists for a given policy is known to be extremely complex, especially when considering user unavailability (known as the resiliency problem). Therefore tools are required that allow automatic evaluation of workflow resiliency. Modelling well defined workflows is fairly straightforward, however user availability can be modelled in multiple ways for the same workflow. Correct choice of model is a complex yet necessary concern as it has a major impact on the calculated resiliency. We describe a number of user availability models and their encoding in the model checker PRISM, used to evaluate resiliency. We also show how model choice can affect resiliency computation in terms of its value, memory and CPU time.

KW - Markov Decision Process

KW - Probabilistic model checker

KW - Workflow satisfiability problem

UR - https://www.scopus.com/pages/publications/84986538588

U2 - 10.1145/2746194.2746201

DO - 10.1145/2746194.2746201

M3 - Conference contribution

AN - SCOPUS:84986538588

T3 - ACM International Conference Proceeding Series

BT - Proceedings of the 2015 Symposium and Bootcamp on the Science of Security, HotSoS 2015

PB - Association for Computing Machinery

T2 - Symposium and Bootcamp on the Science of Security, HotSoS 2015

Y2 - 21 April 2015 through 22 April 2015

ER -

Modelling user availability in workflow resiliency analysis

Abstract

Publication series

Conference

Bibliographical note

Keywords

ASJC Scopus subject areas

Access to Document

Fingerprint

Cite this