Architectural patterns for security-oriented workflows in collaborative environments

Abstract

Scientific experiments often involve use of shared resources across organization boundaries in distributed collaborative environments. They are more often enabled through web services. A plethora of research is undertaken to protect individual web services. They include centralized security models wherein the main focus is on centralised Virtual Organization (VO) specific attribute authorities, e.g. VOMS, which can be used by collaborative service providers to make authorisation decisions. And a decentralized security model wherein each service provider themselves are responsible for the assignment of roles/privileges to the different members of collaborative environments. Workflows themselves can be orchestrated in centralized or decentralized orchestration models. In this research work we have identified a number of architectural design patterns for security-enabled workflows executions. These patterns are based on the different workflows execution and security models. The key issues in such patterns as well as a rationale of choice are provided. An overview of a securityoriented workflow framework is provided that can tackle some of the issues identified in these patterns.