Workflow signatures for business process compliance

Hoon Wei Lim*, Florian Kerschbaum, Huaxiong Wang

*Corresponding author for this work

Research output: Contribution to journalArticlepeer-review

13 Citations (Scopus)

Abstract

Interorganizational workflow systems play a fundamental role in business partnerships. We introduce and investigate the concept of workflow signatures. Not only can these signatures be used to ensure authenticity and protect integrity of workflow data, but also to prove the sequence and logical relationships, such as AND-join and AND-split, of a workflow. Hence, workflow signatures can be electronic evidence useful for auditing, that is proving compliance of business processes against some regulatory requirements. Furthermore, signing keys can be used to grant permissions to perform tasks. Since the signing keys are issued on-the-fly, authorization to execute a task within a workflow can be controlled and granted dynamically at runtime. In this paper, we propose a concrete workflow signature scheme, which is based on hierarchical identity-based cryptography, to meet security properties required by interorganizational workflows.

Original languageEnglish
Article number6178261
Pages (from-to)756-769
Number of pages14
JournalIEEE Transactions on Dependable and Secure Computing
Volume9
Issue number5
DOIs
Publication statusPublished - 2012

Keywords

  • applied cryptography
  • business processes
  • Digital signatures
  • security compliance

Fingerprint

Dive into the research topics of 'Workflow signatures for business process compliance'. Together they form a unique fingerprint.

Cite this