Lookup NU author(s): Dr John Mace,
Dr Charles Morisset,
Professor Aad van Moorsel
Full text for this publication is not currently held within this repository. Alternative links are provided below where available.
A workflow is resilient when the unavailability of some users does not force to choose between a violation of the security policy or an early termination of the workflow. Although checking for the resiliency of a workflow is a well-studied problem, solutions usually only provide a binary answer to the problem, leaving a workflow designer with little help when the workflow is not resilient. We propose in this paper to provide instead a measure of quantitative resiliency, indicating how much a workflow is likely to terminate for a given security policy and a given user availability model. We define this notion by encoding the resiliency problem as a decision problem, reducing the finding of an optimal user-task assignment to that of solving a Markov Decision Process. We illustrate the flexibility of our encoding by considering different measures of resiliency, and we empirically analyse them, showing the existence of a trade-off between multiple aspects such as success rate, expected termination step and computation time, thus providing a toolbox that could help a workflow designer to improve or fix a workflow.
Author(s): Mace JC, Morisset C, van Moorsel A
Publication type: Conference Proceedings (inc. Abstract)
Publication status: Published
Conference Name: 19th European Symposium on Research in Computer Security
Year of Conference: 2014
Print publication date: 01/01/2014
Library holdings: Search Newcastle University Library for this item
Series Title: Computer Security - ESORICS 2014