Title :
Self-healing workflow systems under attacks
Author :
Yu, Meng ; Liu, Peng ; Zang, Wanyu
Author_Institution :
Sch. of Inf. Sci. & Technol., Pennsylvania State Univ., University Park, PA, USA
Abstract :
Workflow systems are popular in daily business processing. Since vulnerability cannot be totally removed from a workflow management system, successful attacks always happen and may inject malicious tasks or incorrect data into the workflow system. Referring to the incorrect data further corrupt more data objects in the system, which comprises the integrity level of the system. This problem cannot be efficiently solved by existing defense mechanisms, such as access control, intrusion detection, and checkpoints. In this paper, we propose a practical solution for online attack recovery of workflows. The recovery system discovers all damages caused by the malicious tasks that the intrusion detection system reports and automatically repairs the damages based on data and control dependencies among workflow tasks. We analyze the behaviors of our attack recovery system based on the continuous time Markov chain model. The analytical results demonstrate that our system is practical when the parameters of the system are reasonably designed.
Keywords :
Internet; Markov processes; authorisation; business data processing; system recovery; workflow management software; access control; checkpoints; continuous time Markov chain model; intrusion detection; online attack recovery; self-healing workflow systems; workflow management system; Access control; Automatic control; Computer crashes; Control systems; Credit cards; Distributed computing; Intrusion detection; Scheduling; Transaction databases; Workflow management software;
Conference_Titel :
Distributed Computing Systems, 2004. Proceedings. 24th International Conference on
Print_ISBN :
0-7695-2086-3
DOI :
10.1109/ICDCS.2004.1281607
