Konferenzbeitrag
Static information fow analysis of workflow models
Volltext URI
Dokumententyp
Text/Conference Paper
Dateien
Zusatzinformation
Datum
2010
Autor:innen
Zeitschriftentitel
ISSN der Zeitschrift
Bandtitel
Verlag
Gesellschaft für Informatik e.V.
Zusammenfassung
This paper proposes a framework for the detection of information leaks in workflow descriptions based on static information flow analysis. Despite the correct deployment of access control mechanisms, certain information leaks can persist, thereby undermining the compliance of workflows to policies. The framework put forward in this paper identifies leaks induced by the structure of the workflow. It consists of an adequate meta-model for workflow representation based on Petri nets and corresponding components for the transformation and analysis. A case study illustrates the application of the framework on a concrete workflow in BPEL notation.