Abstract
Workflow management systems (WFMS) coordinate execution of logically related multiple tasks in an organization. Such coordination is achieved through dependencies that are specified between the tasks of a workflow. Often times preventive measures are not enough and a workflow may be subjected to malicious attacks. Traditional workflow recovery mechanisms do not address how to recover from malicious attacks. Database survivability techniques do not work for workflow because tasks in a workflow have dependencies that are not present in traditional transaction processing systems. In this paper, we present an algorithm that shows how we can assess and repair the effects of damage caused by malicious tasks. Our algorithm focuses not only on restoring the consistency of data items by removing the effects of malicious tasks but also takes appropriate actions to ensure the satisfaction of task dependencies among all the committed tasks.
This is a preview of subscription content, log in via an institution to check access.
Preview
Unable to display preview. Download preview PDF.
Similar content being viewed by others
References
Ammann, P., Jajodia, S., Liu, P.: Recovery from malicious transactions. IEEE Trans. on Knowledge and Data Engineering 14, 1167–1185 (2002)
Bernstein, P.A., Hadzilacos, V., Goodman, N.: Concurrency Control and Recovery in Database Systems. Addison-Wesley, Reading (1987)
Chrysanthis, P.: ACTA, A framework for modeling and reasoning aout extended transactions. PhD thesis, University of Massachusetts, Amherst, Massachusetts (1991)
Eder, J., Liebhart, W.: Workflow Recovery. In: Proceeding of Conference on Cooperative Information Systems, pp. 124–134 (1996)
Gore, M.M., Ghosh, R.K.: Recovery in Distributed Extended Long-lived Transaction Models. In: Proceedings of the 6th International Conference DataBase Systems for Advanced Applications, April 1999, pp. 313–320 (1999)
Kiepuszewski, B., Muhlberger, R., Orlowska, M.: Flowback: Providing backward recovery for workflow systems. In: Proceeding of the ACM SIGMOD International Conference on Management of Data, pp. 555–557 (1998)
Lala, C., Panda, B.: Evaluating damage from cyber attacks. IEEE Transactions on Systems, Man and Cybernetics 31(4), 300–310 (2001)
Yu, M., Liu, P., Zang, W.: Multi-Version Attack Recovery for Workflow Systems. In: 19th Annual Computer Security Applications Conference, December 2003, pp. 142–151 (2003)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2005 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Zhu, Y., Xin, T., Ray, I. (2005). Recovering from Malicious Attacks in Workflow Systems. In: Andersen, K.V., Debenham, J., Wagner, R. (eds) Database and Expert Systems Applications. DEXA 2005. Lecture Notes in Computer Science, vol 3588. Springer, Berlin, Heidelberg. https://doi.org/10.1007/11546924_2
Download citation
DOI: https://doi.org/10.1007/11546924_2
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-28566-3
Online ISBN: 978-3-540-31729-6
eBook Packages: Computer ScienceComputer Science (R0)