A verification mechanism for secured message processing in business collaboration

Message processing can become unsecured resulting in unreliable business collaboration in terms of authorization policy conflicts, for example, when (1) incorrect role assignment or modification occurs in a partner's services or (2) messages transferred from one organization are processed by unqualified roles in other collaborating business participants. Therefore, verification mechanism based on access policies is critical for managing secured message processing in business collaboration. In this paper, we exploit a role authorization model, Role-Net, which is developed based on Hierarchical Colored Petri Nets (HCPNs) to specify and manage role authorization in business collaboration. A property named Role Authorization Based Dead Marking Freeness is defined based on Role-Net to verify business collaboration reliability according to partners' authorization policies. An algebraic verification method for secured message processing is introduced as well.