A generic framework for process execution and secure multi-party transaction authorization

Weigold, T. 2010. A generic framework for process execution and secure multi-party transaction authorization. PhD thesis University of Westminster School of Electronics and Computer Science https://doi.org/10.34737/90873

TitleA generic framework for process execution and secure multi-party transaction authorization
TypePhD thesis
AuthorsWeigold, T.
Abstract

Process execution engines are not only an integral part of workflow and business process management systems but are increasingly used to build process-driven applications. In other words, they are potentially used in all kinds of software across all application domains. However, contemporary process engines and workflow systems are unsuitable for use in such diverse application scenarios for several reasons. The main shortcomings can be observed in the areas of interoperability, versatility, and programmability. Therefore, this thesis makes a step away from domain specific, monolithic workflow engines towards generic and versatile process runtime frameworks, which enable integration of process technology into all kinds of software. To achieve this, the idea and corresponding architecture of a generic and embeddable process virtual machine (ePVM), which supports defining process flows along the theoretical foundation of communicating extended finite state machines, are presented. The architecture focuses on the core process functionality such as control flow and state management, monitoring, persistence, and communication, while using JavaScript as a process definition language. This approach leads to a very generic yet easily programmable process framework. A fully functional prototype implementation of the proposed framework is provided along with multiple example applications.

Despite the fact that business processes are increasingly automated and controlled by information systems, humans are still involved, directly or indirectly, in many of them. Thus, for process flows involving sensitive transactions, a highly secure authorization scheme supporting asynchronous multi-party transaction authorization must be available within process management systems. Therefore, along with the ePVM framework, this thesis presents a novel approach for secure remote multi-party transaction authentication - the zone trusted information channel (ZTIC). The ZTIC approach uniquely combines multiple desirable properties such as the highest level of security, ease-of-use, mobility, remote administration, and smooth integration with existing infrastructures into one device and method.

Extensively evaluating both, the ePVM framework and the ZTIC, this thesis shows that ePVM in combination with the ZTIC approach represents a unique and very powerful framework for building workflow systems and process-driven applications including support for secure multi-party transaction authorization.

Year2010
File
PublisherUniversity of Westminster
Publication dates
Published2010
Digital Object Identifier (DOI)https://doi.org/10.34737/90873

Related outputs

Process-driven biometric identification by means of autonomic grid components
Weigold, T., Aldinucci, M., Danelutto, M. and Getov, Vladimir 2012. Process-driven biometric identification by means of autonomic grid components. International Journal of Autonomous and Adaptive Communications Systems. 5 (3), pp. 274-291. https://doi.org/10.1504/IJAACS.2012.047659

Integrating autonomic grid components and process-driven business applications
Weigold, T., Aldinucci, M., Danelutto, M. and Getov, Vladimir 2009. Integrating autonomic grid components and process-driven business applications. in: Vasilakos, A.V., Beraldi, R., Friedman, R. and Mamei, M. (ed.) Autonomic computing and communications systems: third international ICST conference, autonomics 2009, Limassol, Cyprus, September 9-11, 2009, revised selected papers Berlin / Heidelberg Springer.

Advanced Grid programming with components: a biometric identification case study
Weigold, T., Buhler, P., Thiyagalingam, J., Basukoski, A. and Getov, Vladimir 2008. Advanced Grid programming with components: a biometric identification case study. in: Proceedings of the 32nd Annual IEEE International Computer Software and Applications Conference, 28 July - 1 August 2008, Turku, Finland: COMPSAC 2008 Los Alamitos, USA IEEE . pp. 401-408

Methodology for component-based development of grid applications
Basukoski, A., Buhler, P., Getov, Vladimir, Isaiadis, S. and Weigold, T. 2008. Methodology for component-based development of grid applications. in: Compframe/Hpc-Geco Workshop: Proceedings of the 2008 compFrame/HPC-GECO workshop on Component based high performance New York, NY, USA ACM.

Permalink - https://westminsterresearch.westminster.ac.uk/item/90873/a-generic-framework-for-process-execution-and-secure-multi-party-transaction-authorization


Share this

Usage statistics

116 total views
330 total downloads
These values cover views and downloads from WestminsterResearch and are for the period from September 2nd 2018, when this repository was created.