1 / 11

Secure Workflow Repository for Askalon

Secure Workflow Repository for Askalon. Malik Muhamamd Junaid Maximilian Berger Thomas Fahringer Distributed and parallel Systems Group University of Innsbruck Austria. Oct, 13, 2009. Krakow, PL. Outline. Motivation Workflow Hosting Environment Secure Workflow Repository (SWFR)

paley
Télécharger la présentation

Secure Workflow Repository for Askalon

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Secure Workflow Repository for Askalon Malik Muhamamd Junaid Maximilian Berger Thomas Fahringer Distributed and parallel Systems Group University of Innsbruck Austria Oct, 13, 2009. Krakow, PL.

  2. Outline • Motivation • Workflow Hosting Environment • Secure Workflow Repository (SWFR) • Architecture • Components • Security and Reliability • Advancement • Conclusion

  3. Introduction • Workflows are vital to Grid based applications. • Increasing complexity of these applications is making the workflow design difficult, • Leading to a need for: • Workflow Sharing and Reuse • Workflow security • Workflow Version Management • Workflow Modification History

  4. ASKALON Workflow Storage • Workflow Represented using AGWL based on XML • Workflow storage is based on Filesystem • Open access to all users • Manual version history • No Workflow Modification History • No ownership record for workflows

  5. Secure Workflow Repository(SWFR) • SWFR is designed and implemented to address these issues: • Features: • Decentralized Service oriented implementation • Secure Client Service communication for workflow transactions • Extended Role Based Access Control • Automated Version Control • Comprehensive wokflow update history • Complete Ownership information

  6. Architecture of the SWFR Workflow Design Tool (client) Workflow Repository (Service) Event Handler Authentication & Authorization Module Repository Requests (Events) Design Tool Workflow Repository Storage, Retrieval & Session Management Session Manager Version Management Module

  7. Security using Extended-RBAC Role based Access Control (RBAC) Role Hierarchy Permissions User Assignment Permission Assignment Users Operations objects Roles Rights Delegation Extended Role based Access Control (E-RBAC) for Grid Workflows

  8. Security using Extended-RBAC • Layered Security Architecture: • Request Handle performs Decryption of the incoming request based on the session information • User Authentication based on Session and credential information • Authorization check based on Roles and Exceptional rights • Information Retrieval from the Repository • Encryption using session information Request Handler Decryption 1 Session Authentication 2 Authentication (RBAC) 3 Authorization (E-RBAC) 4 Repository Access 5

  9. Schema Diagram for the SWFR state name xmlid rev_Id rev_nr time_st chg_id change chg_type 1 * 1 * workflow has has revision change 1 rights has rights * * u_perm owner * * gp_perm 1 * 1 * * * has is_in * User Wf_info Group u_id email u_name name cred wf_inf_id count Time_st full_rev gid Gp_name

  10. Automatic Version Management • Version Management Module: • Keeps track of the Existing Workflows in the Repository • Applies Version Increment to the Updated workflows • Automatic Minor updates for the workflow modifications • User directed explicit major version updates

  11. Conclusion • SWFR Provides a better solution for workflow management • It can be easily integrated into larger systems. • Secure communication makes it safe for SOA • Decentralized database makes it fast and efficient • Layered Extended Role based access provides multi level of security. • Fine grained access control is possible because of exceptional rights delegation • Automatic version management helps in tracking changes and finding updated version easily.

More Related