Workflow systems are popular in daily business processing. Since vulnerability cannot be totally removed from a workflow management system, successful attacks always happen and may inject malicious tasks or incorrect data into the workflow system. Moreover, legitimate tasks referring to the incorrect data will further corrupt more data objects in the system. As a result, the integrity level of the system can be seriously compromised. This problem cannot be efficiently solved by existing defense mechanisms, such as access control, intrusion detection, and checkpoints. In this paper, we propose a practical solution for on-line attack recovery of workflows. The recovery system discovers all damages caused by the malicious tasks and automatically repairs the damages based on data and control dependencies between workflow tasks. We describe fundamental theories for workflow attack recovery system. Based on these theories, we build a prototype system and develop the corresponding recovery algorithms. We evaluate the performance of the recovery system under different attacking densities, intrusion detection delays and arrival rates. The experimental results show that our system is practical.
All Science Journal Classification (ASJC) codes
- Hardware and Architecture
- Computer Science Applications
- Computer Networks and Communications