SecFlow: Adaptive Security-Aware Workflow Management System in Multi-Cloud Environments

TL;DR

SecFlow is an adaptive, security-aware workflow management system designed for multi-cloud environments, ensuring security and privacy throughout the entire workflow lifecycle, including execution and response to threats.

Contribution

The paper introduces SecFlow, a novel architecture that maintains security properties during workflow execution in multi-cloud settings, filling a critical gap in existing systems.

Findings

Designed a comprehensive architecture for security-aware WfMS

Implemented adaptive security response mechanisms

Ensured security during all workflow phases

Abstract

In this paper, we propose an architecture for a security-aware workflow management system (WfMS) we call SecFlow in answer to the recent developments of combining workflow management systems with Cloud environments and the still lacking abilities of such systems to ensure the security and privacy of cloud-based workflows. The SecFlow architecture focuses on full workflow life cycle coverage as, in addition to the existing approaches to design security-aware processes, there is a need to fill in the gap of maintaining security properties of workflows during their execution phase. To address this gap, we derive the requirements for such a security-aware WfMS and design a system architecture that meets these requirements. SecFlow integrates key functional components such as secure model construction, security-aware service selection, security violation detection, and adaptive response mechanisms while considering all potential malicious parties in multi-tenant and cloud-based WfMS.