Gesellschaft für Informatik e.V.

Lecture Notes in Informatics

INFORMATIK 2010 Business Process and Service Science - Proceedings of ISSS and BPSC P-177, 194-205 (2010).

Gesellschaft für Informatik, Bonn

Copyright © Gesellschaft für Informatik, Bonn


Static information fow analysis of workflow models

Rafael Accorsi and Claus Wonnemann


This paper proposes a framework for the detection of information leaks in workflow descriptions based on static information flow analysis. Despite the correct deployment of access control mechanisms, certain information leaks can persist, thereby undermining the compliance of workflows to policies. The framework put forward in this paper identifies leaks induced by the structure of the workflow. It consists of an adequate meta-model for workflow representation based on Petri nets and corresponding components for the transformation and analysis. A case study illustrates the application of the framework on a concrete workflow in BPEL notation.

Full Text: PDF

Gesellschaft für Informatik, Bonn
ISBN 978-3-88579-271-0

Last changed 04.10.2013 18:35:13