Constellation, le dépôt institutionnel de l'Université du Québec à Chicoutimi

Decentralized enforcement of document lifecycle constraints

Hallé Sylvain, Khoury Raphaël, Betti Quentin, El-Hokayem Antoine et Falcone Yliès. (2017). Decentralized enforcement of document lifecycle constraints. Information Systems, p. 1-19.

[thumbnail of 2017 - Hallé et al - Decentralized Enforcement of Document Lifecycle Constraints.pdf]

URL officielle:


Artifact-centric workflows describe possible executions of a business process through constraints expressed from the point of view of the documents exchanged between principals. A sequence of manipulations is deemed valid as long as every document in the workflow follows its prescribed lifecycle at all steps of the process. So far, establishing that a given workflow complies with artifact lifecycles has mostly been done through static verification, or by assuming a centralized access to all artifacts where these constraints can be monitored and enforced. We present in this paper an alternate method of enforcing document lifecycles that requires neither static verification nor single-point access. Rather, the document itself is designed to carry fragments of its history, protected from tampering using hashing and public-key encryption. Any principal involved in the process can verify at any time that the history of a document complies with a given lifecycle. Moreover, the proposed system also enforces access permissions: not all actions are visible to all principals, and one can only modify and verify what one is allowed to observe. These concepts have been implemented in a software library called Artichoke, and empirically tested for performance and scalability.

Type de document:Article publié dans une revue avec comité d'évaluation
Pages:p. 1-19
Version évaluée par les pairs:Oui
Sujets:Sciences naturelles et génie
Sciences naturelles et génie > Sciences mathématiques > Informatique
Département, module, service et unité de recherche:Départements et modules > Département d'informatique et de mathématique
Mots-clés:Business artifact, business process, document lifecycle, lifecycle policy, UML statechart, Business Process Modelling Language, Linear Temporal Logic, finite-state automata, trace validation, policy enforcement, public-key encryption, hash functions, tamper-proof history, confidentiality, distributed enforcement, runtime monitoring, smart cards, Portable Document Format, Artichoke-X
Déposé le:24 oct. 2017 00:22
Dernière modification:24 oct. 2017 00:22
Afficher les statistiques de telechargements

Éditer le document (administrateurs uniquement)

Creative Commons LicenseSauf indication contraire, les documents archivés dans Constellation sont rendus disponibles selon les termes de la licence Creative Commons "Paternité, pas d'utilisation commerciale, pas de modification" 2.5 Canada.

Bibliothèque Paul-Émile-Boulet, UQAC
555, boulevard de l'Université
Chicoutimi (Québec)  CANADA G7H 2B1
418 545-5011, poste 5630