Developing security-aware resource management strategies for workflows

Article English OPEN
He, Ligang ; Chaudhary, Nadeem ; Jarvis, Stephen A. (2014)

This paper investigates the resource allocation problem for a type of workflow in pervasive computing. These workflows are abstracted from the enterprise-level applications in the business or commerce area. The activities in these workflows require not only computing resources, but also human resources. Human involvement introduces additional security concerns. When we plan/allocate resource capacities, we often assume that when a task is allocated to a resource, the resource will accept the task and start the execution once the processor becomes available. However, the security policies impose further constraints on task executions, and therefore may affect both application- and system-oriented performance. Authorization is an important aspect in security. This paper investigates the issue of allocating resources for running workflows under the role-based authorization control, which is one of the most popular authorization mechanisms. By taking into account the authorization constraints, the resource allocation strategies are developed in this paper for both human resources and computing resources. In the allocation strategy for human resources, the optimization equation is constructed subject to the constraint of the budget available to hire human resources. Then the optimization equation is solved to obtain the number of human resources allocated to each authorization role. The allocation strategy for computing resources calculates not only the number of computing resources, but also the proportion of processing capacity in each resource allocated to serve the tasks assuming each role. The simulation experiments have been conducted to verify the effectiveness of the developed allocation strategies. The experimental results show that the allocation strategy developed in this paper outperforms the traditional allocation strategies, which do not consider authorization constraints, in terms of both average response time and resource utilization.
  • References (20)
    20 references, page 1 of 2

    [1] V. Atluri and W. kuang Huang, “A petri net based safety analysis of workflow authorization models,” 1999.

    [2] L. He, K. Duan, X. Chen, D. Zou, Z. Han, A. Fadavinia, and S. Jarvis, “Modelling workflow executions under role-based authorisation control,” in Services Computing (SCC), 2011 IEEE International Conference on, july 2011, pp. 200 -208.

    [3] Q. Wang and N. Li, “Satisfiability and resiliency in workflow authorization systems,” ACM Trans. Inf. Syst. Secur., vol. 13, no. 4, pp. 40:1-40:35, Dec. 2010. [Online]. Available:

    [4] Y. Lu, L. Zhang, and J. Sun, “Using colored petri nets to model and analyze workflow with separation of duty constraints,” The International Journal of Advanced Manufacturing Technology, vol. 40, pp. 179-192, 2009, 10.1007/s00170-007-1316-1. [Online]. Available:

    [5] D. Zou, L. He, H. Jin, and X. Chen, “Crbac: Imposing multigrained constraints on the rbac model in the multi-application environment,” Journal of Network and Computer Applications, vol. 32, no. 2, pp. 402 - 411, 2009. [Online]. Available:

    [6] E. Deelman, D. Gannon, M. Shields, and I. Taylor, “Workflows and e-science: An overview of workflow system features and capabilities,” 2008.

    [7] C.-C. Hsu, K.-C. Huang, and F.-J. Wang, “Online scheduling of workflow applications in grid environments,” Future Generation Computer Systems, vol. 27, no. 6, pp. 860 - 870, 2011. [Online]. Available:

    [8] P. Delias, A. Doulamis, N. Doulamis, and N. Matsatsinis, “Optimizing resource conflicts in workflow management systems,” Knowledge and Data Engineering, IEEE Transactions on, vol. 23, no. 3, pp. 417 -432, march 2011.

    [9] D. Chakraborty, V. Mankar, and A. Nanavati, “Enabling runtime adaptation ofworkflows to external events in enterprise environments,” in Web Services, 2007. ICWS 2007. IEEE International Conference on, july 2007, pp. 1112 -1119.

    [10] L. He, D. Zou, Z. Zhang, K. Yang, H. Jin, and S. A. Jarvis, “Optimizing resource consumptions in clouds,” in Proceedings of the 2011 IEEE/ACM 12th International Conference on Grid Computing, ser. GRID '11. Washington, DC, USA: IEEE Computer Society, 2011, pp. 42-49. [Online]. Available:

  • Metrics
    views in OpenAIRE
    views in local repository
    downloads in local repository

    The information is available from the following content providers:

    From Number Of Views Number Of Downloads
    Warwick Research Archives Portal Repository - IRUS-UK 0 21
Share - Bookmark