A framework for enhancing mobile workflow execution through injection of flexible security controls

Mobile workflow execution is gaining importance as traditional process execution systems are employed in many new scenarios such as mobile networks or the Internet of Things. Unfortunately, in these solutions, security is still based on control loops or computer science techniques which have not evolved as fast as current mobile systems and applications. In this context, in order to improve the security level of these systems, it is necessary to create a security framework tightly coupled with the mobile workflow execution platforms. To contribute filling this gap, we propose a framework to inject security controls in workflows, which supports mobile execution and allows a flexible decision making. This solution models security as control points where some relevant previously defined indicators are evaluated. Depending on the obtained values, the framework takes corrective, preventive or adaptive actions, considering also the execution system capabilities and the workflow being executed. In order to evaluate the effectiveness and performance of the proposed solution we include experimental validation.

​Mobile workflow execution is gaining importance as traditional process execution systems are employed in many new scenarios such as mobile networks or the Internet of Things. Unfortunately, in these solutions, security is still based on control loops or computer science techniques which have not evolved as fast as current mobile systems and applications. In this context, in order to improve the security level of these systems, it is necessary to create a security framework tightly coupled with the mobile workflow execution platforms. To contribute filling this gap, we propose a framework to inject security controls in workflows, which supports mobile execution and allows a flexible decision making. This solution models security as control points where some relevant previously defined indicators are evaluated. Depending on the obtained values, the framework takes corrective, preventive or adaptive actions, considering also the execution system capabilities and the workflow being executed. In order to evaluate the effectiveness and performance of the proposed solution we include experimental validation. Read More