
Graduate student: Hsiao Yu-Cheng (蕭宇程)
Thesis title: The Security Framework for WfMS and Calling Chain
Advisor: Hwang, Gwan-Hwan (黃冠寰)
Degree: Doctor
Department: Department of Computer Science and Information Engineering
Year of publication: 2013
Academic year of graduation: 101
Language: English
Number of pages: 162
Keywords (Chinese): workflow system, Chinese wall security model, security, cloud computing, service-oriented architecture, calling chain
Keywords (English): Workflow management system (WfMS), Chinese wall security model (CWSM), Security, Cloud, SOA, Calling chain
Thesis type: Academic thesis
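  • Secure workflow management systems (WfMSs) and service-oriented architectures (SOA) must support security requirements such as authentication, data confidentiality, data integrity, and nonrepudiation. The Chinese wall security model is mainly used to provide access control that avoids conflicts of interest in commercial organizations, and it is especially important in large-scale interenterprise workflows. The first part of this dissertation proposes how to implement the Chinese wall security model in a workflow system. We first show that existing access control models are insufficient to support this security framework because they do not consider the run-time history or the mutability of company organizational information, and we propose an application programming interface that supports the dynamic binding of access control subjects and company data. This API can also be used to define dynamic security policies that meet the security requirements of implementing the Chinese wall security model in workflow systems, and we discuss how to implement these features in a run-time workflow system.
    Cloud computing technology is currently attracting great attention in both academia and industry, and more and more users and enterprises are moving their data and applications to the cloud. Cloud computing provides scalability, support for large data volumes, and on-demand resource allocation, and these characteristics make implementing a workflow system in the cloud quite challenging. Building a highly scalable interenterprise workflow system requires applying and extending existing process management concepts. The second part of this dissertation proposes how a workflow security framework can be implemented securely and flexibly in interenterprise workflows, and points out that existing workflow systems based on workflow engines have difficulty meeting the nonrepudiation security requirement. The system architecture we propose is a document-routing system for the cloud environment that supports the major security requirements. It uses techniques such as element-wise encryption and chained digital signatures to give workflow process instances the ability to protect themselves, and it can satisfy security requirements such as authentication, data confidentiality, data integrity, and nonrepudiation. Moreover, workflow process instances can be backed up and migrated to other compatible platforms without relying on the support of the cloud service provider. In this research, we implemented a prototype of the whole system, carried out related experiments and studies, and provide ample experimental results.
    In a service-oriented architecture system, applications are usually implemented as Web services, and Web service invocations often produce dynamic calling chains. Existing SOA security mechanisms such as WS-Security, WS-SecurityPolicy, and WS-Trust support only point-to-point security. In the third part of this dissertation, we first describe access control scenarios that require dynamic calling-chain information, and propose an SOA-based security framework that satisfies the major security requirements. This framework generates a calling record at each service invocation and adds this information to the invocation, thereby building a calling-chain graph that can be used to support calling-chain-based access control. We also design a set of security policy APIs that let service providers specify calling-chain-based access control, and provide an implementation and experimental results to demonstrate the feasibility of the proposed system.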

    Secure workflow management systems (WfMSs) and SOA (service-oriented architecture) systems are required to support major security features such as authentication, confidentiality, data integrity, and nonrepudiation. The Chinese wall security model (CWSM) was designed to provide access controls that mitigate conflict of interest in commercial organizations, and is especially important for large-scale interenterprise workflow applications. The first part of this dissertation describes how to implement the CWSM in a WfMS. We first demonstrate situations in which an access control model is not sufficient for this if the WfMS does not keep the run-time history of data accesses and company information is mutable, and we then propose an application programming interface (API) to solve this problem, also providing support for the intrinsic dynamic access control mechanism defined in the CWSM (i.e., the dynamic binding of subjects and elements in the company data set). This API can also specify several requirements of the dynamic security policy that arise when applying the CWSM in WfMSs. We then discuss how to build a run-time system that enforces the CWSM policies specified by this API in a WfMS.
    Cloud computing is gaining tremendous momentum in both academia and industry, with more and more people and enterprises migrating their data and applications into the cloud. Cloud computing provides a new computing model with elastic scaling, a resource pool of unprecedented size, and the on-demand resource provisioning mechanism, which bring numerous challenges in implementing workflow management systems (WfMSs) in the cloud. Establishing scalable and cross-enterprise WfMSs in the cloud requires the adaptation and extension of existing concepts for process management. The second part of this dissertation presents a framework for how cross-enterprise processes can be implemented, secured, controlled, and scaled. We also explain why existing engine-based centralized and distributed WfMSs cannot guarantee the nonrepudiation requirement. The proposed framework is a document-routing system that implements major required security features in the cloud computing environment. Its security framework is built by applying element-wise encryption and a cascade-based method of embedding digital signatures. The implementation and experimental results demonstrate the feasibility of the proposed framework.
    In an SOA (service-oriented architecture) system such as an application implemented by Web services, the invocations of services often form dynamic calling chains. Existing security standards of an SOA such as WS-Security, WS-SecurityPolicy, and WS-Trust only support the point-to-point security requirements of individual Web services. In the third part of this dissertation, we first show some scenarios in which the access control and data security must consult the structure of a dynamically formed calling chain in a wide-open distributed environment. We then propose a security framework for SOA-based systems in which the access control and data security can be performed dynamically according to the formed calling chain in service invocations. The proposed framework satisfies security requirements in a service invocation. A calling record is embedded in each service invocation and response, and these calling records are used when building a calling-chain graph that can be used to implement the calling-chain-based access control. In addition, we design a security policy API that the service provider can use to specify the access control and data security according to the formed calling chain. The implementation and experimental results demonstrate the feasibility of the proposed system.

    Table of Contents
    List of Figures
    Chinese Abstract
    Abstract
    Acknowledgments
    Chapter 1. Introduction
        1.1 Workflow management systems
        1.2 Introduction of CWSM
        1.3 Introduction of DRA4WfMS and cloud support
        1.4 Service-Oriented Architecture
        1.5 Introduction of DRA4SOA
    Chapter 2. Related Works
        2.1 Related works of CWSM
        2.2 Related works of DRA4WfMS
        2.3 Related works of DRA4SOA
    Chapter 3. CWSM
        3.1 Related works of DRA4SOA
        3.2 General Access Control Model in WfMSs
        3.3 API to Specify the Security Policy for the CWSM in WfMSs
        3.4 Run-time System for the CWSPS API and Implementation
        3.5 An Implementation Example of CWSM
    Chapter 4. DRA4WfMS
        4.1 Operational Model of the DRA4WfMS
        4.2 Implementing information security in the DRA4WfMS
            4.2.1 Authentication
            4.2.2 Confidentiality and Data Integrity
            4.2.3 Nonrepudiation
        4.3 Syntax of the DRA4WfMS Document
        4.4 Applying the DRA4WfMS in the Cloud Computing Environment
        4.5 Implementation and Experimental Results of DRA4WfMS
    Chapter 5. DRA4SOA
        5.1 CCG
        5.2 Operational model of DRA4SOA
        5.3 Security requirements achieved in the DRA4SOA
        5.4 Implementation of DRA4SOA messages in Web services
        5.5 DRA4SOA API
        5.6 Simplified DRA4SOA messages
        5.7 Implementation and experimental results of DRA4SOA
    Chapter 6. Conclusions and future work
    References
    Appendix A
    Appendix B. Writing policy objects in the DRA4SOA API
