John C. Mace, Charles Morisset, and Aad van Moorse


Workflows are complex operational processes that include security constraints restricting which users can perform which tasks. An improper user-task assignment may prevent the completion of the workflow, and deciding such an assignment at runtime is known to be complex, especially when considering user unavailability (known as the resiliency problem). Therefore, design tools are required that allow fast evaluation of workflow resiliency. In this paper, we propose a methodology for workflow designers to assess the impact of the security policy on computing the resiliency of a workflow. Our approach relies on encoding a workflow into the probabilistic model-checker PRISM, allowing its resiliency to be evaluated by solving a Markov Decision Process. We observe and illustrate that adding or removing some constraints has a clear impact on the resiliency computation time, and we compute the set of security constraints that can be artificially added to a security policy in order to reduce the computation time while maintaining the resiliency. Date: September 2, 2015 Presented: 12th International Conference on Quantitative Evaluation of SysTems (QEST 2015), Madrid, Spain, September 1-3, 2015. Published: Quantitative Evaluation of Systems, Lecture Notes in Computer Science Volume 9259, 2015, pp 244-259. Editors: Javier Campos, Boudewijn R. Haverkort Publisher: Springer ISBN: 978-3-319-22263-9 (Print) 978-3-319-22264-6 (Online) Publisher URL: Full Text: DOI: Open Access: