scholarly journals Securing Workflows Using Microservices and Metagraphs

Electronics ◽  
2021 ◽  
Vol 10 (24) ◽  
pp. 3087
Author(s):  
Loïc Miller ◽  
Pascal Mérindol ◽  
Antoine Gallais ◽  
Cristel Pelsser
Keyword(s):  
At Risk ◽  
Business Processes ◽  
Proof Of Concept ◽  
Overhead Cost ◽  
Verification Method ◽  
Microservice Architecture

Companies such as Netflix increasingly use the cloud to deploy their business processes. Those processes often involve partnerships with other companies, and can be modeled as workflows where the owner of the data at risk interacts with contractors to realize a sequence of tasks on the data to be secured. In this paper, we first show how those workflows can be deployed and enforced while preventing data exposure. Second, this paper provides a global framework to enable the verification of workflow policies. Following the principles of zero-trust, we develop an infrastructure using the isolation provided by a microservice architecture to enforce owner policy. We implement a workflow with our infrastructure in a publicly available proof of concept. This work allows us to verify that the specified policy is correctly enforced by testing the deployment for policy violations, and find the overhead cost of authorization to be reasonable for the benefits. In addition, this paper presents a way to verify policies using a suite of tools transforming and checking policies as metagraphs. It is evident from the results that our verification method is very efficient regarding the size of the policies. Overall, this infrastructure and the mechanisms that verify the policy is correctly enforced, and then correctly implemented, help us deploy workflows in the cloud securely.

Applying Spring Security Framework with KeyCloak-based OAuth2 to Protect Microservice Architecture APIs for a Health eCoach System: A Proof-of-Concept Study (Preprint)

2021 ◽  
Author(s):  
Ayan Chatterjee ◽  
Andreas Prinz
Keyword(s):  
Open Access ◽  
Medical Devices ◽  
Data Protection ◽  
Experimental Testing ◽  
Virtual Private Network ◽  
Security And Privacy ◽  
Secure Socket Layer ◽  
Proof Of Concept ◽  
Private Network ◽  
Microservice Architecture

UNSTRUCTURED The Internet of Medical Things (IoMT) combines medical devices and applications connected to healthcare information technology systems using network technologies. With the flourishing adaptation rate of Internet-enabled medical devices in healthcare applications, we need to guarantee the security and privacy of electronic health records (EHRs) and communications among these IoMT devices, exposed web services, and the underlying infrastructure. This research is a proof-of-concept (PoC) study for implementing an integrated security solution with Spring Security and KeyCloak open-access platform (SSK) to safeguard microservice architecture application programming interfaces (APIs). Subsequently, we extended the security solution with a virtual private network (VPN), Bcrypt hash, API key, network firewall, and secure socket layer (SSL) to build up a digital infrastructure following the Norwegian data protection policies and General Data Protection Regulation (GDPR). In this study, we have not proposed any new security solution; however, we have focused on accomplishing a hybrid security solution based on the established frameworks (e.g., Spring Security) and open-access software product (e.g., Keycloak) to protect microservice APIs for a health eCoach system as a PoC study. This study describes the methodological, technical, and practical considerations to protect REST interfaces only and ensuring the privacy of data in the system. We validate our SSK security implementation by theoretical evaluation and experimental testing. In addition, we compare the test results with related studies qualitatively to determine the effectiveness of the hybrid security solution (SSK).

Range optimization for target and organs at risk in dynamic adaptive passive scattering proton beam therapy – A proof of concept

2018 ◽  
Vol 56 ◽  
pp. 66-73
Author(s):  
Shunsuke Moriya ◽  
Hidenobu Tachibana ◽  
Kenji Hotta ◽  
Naoki Nakamura ◽  
Takeji Sakae ◽  
...  
Keyword(s):  
At Risk ◽  
Proton Beam ◽  
Organs At Risk ◽  
Proton Beam Therapy ◽  
Proof Of Concept ◽  
Passive Scattering

Business Agility and Process Agility

2013 ◽  
pp. 1580-1598
Author(s):  
Giorgio Bruno
Keyword(s):  
Business Process ◽  
Business Processes ◽  
Essential Feature ◽  
Great Influence ◽  
Proof Of Concept ◽  
Business Agility ◽  
Different Levels

Agility is an essential feature for SMEs and this chapter intends to examine if and how business processes, as currently understood, are able to promote it. Over the last years a number of viewpoints have emerged which exerted great influence on the design of notations and languages for business processes: the majority of them can be referred to as the centralized viewpoint, the role viewpoint, the conversational viewpoint, the case viewpoint and the cooperative one. These viewpoints provide different levels of agility and then beneficial results can be expected from their integration, which is the purpose of the proof-of-concept notation, AgileBPN, presented in this chapter. In AgileBPN, business processes are organized around conversations and role processes (encompassing the tasks pertaining to a given role); shared artifacts are represented as cooperative objects. The notation is illustrated with the help of an example referring to a business process meant to handle applications in a certain organization.

TOWARDS AGENT-BASED MODELING AND VERIFICATION OF COLLABORATIVE BUSINESS PROCESSES: AN APPROACH CENTERED ON INTERACTIONS AND BEHAVIORS

2009 ◽  
Vol 18 (03n04) ◽  
pp. 423-479 ◽  
Author(s):  
MARCO STUIT ◽  
NICK B. SZIRBIK
Keyword(s):  
Business Process ◽  
Petri Net ◽  
Process Design ◽  
Business Processes ◽  
Colored Petri Net ◽  
Agent Based ◽  
Verification Method ◽  
Design Time ◽  
Collaborative Business Process

This paper presents the process-oriented aspects of a formal and visual agent-based business process modeling language. The language is of use for (networks of) organizations that elect or envisage multi-agent systems for the support of collaborative business processes. The paper argues that the design of a collaborative business process should start with a proper understanding of the work practice of the agents in the business domain under consideration. The language introduces a novel diagram to represent the wide range of (cross-enterprise) business interactions as a hierarchy of role-based interactions (including their ordering relations) in a tree structure. The behaviors owned by the agents playing the roles in the tree are specified in separate process diagrams. A collaborative business process studied in the context of a case study at a Dutch gas transport company is used to exemplify the modeling approach. Explicit (agent-based) process models can and should be verified using formal methods. In the business process community, design-time verification of a process design is considered vital in order to ensure the correctness and termination of a collaborative business process. The proposed modeling approach is enhanced with a design-time verification method. The direction taken in this research is to combine the interaction tree and the associated agent behaviors into a verifiable hierarchical colored Petri net in order to take advantage of its well-defined (execution) semantics and proven (computerized) verification techniques. The verification method presented in this paper consists of three steps: (1) the translation of the agent-based process design to a hierarchical colored Petri net, (2) the identification of process design errors, and (3) the correction and rollback of process design errors to the agent-based model. The translation technique has been implemented in a software tool that outputs the hierarchical colored Petri net in a format that can be loaded in the widely used CPN Tools software package. Verification results are discussed for the case study model.

Semantic Framework for Energy-Aware Resource Management of IoT in Business Processes

2018 ◽  
Vol 8 (1) ◽  
pp. 21-43 ◽  
Author(s):  
Kunal Suri ◽  
Walid Gaaloul ◽  
Arnaud Cuccuru ◽  
Sebastien Gerard
Keyword(s):  
Business Processes ◽  
Reference Model ◽  
Optimal Management ◽  
Semantic Technologies ◽  
Semantic Model ◽  
Proof Of Concept ◽  
Energy Aware ◽  
Semantic Framework ◽  
Resource Conflicts ◽  
Iot Devices

Recently, IoT adoption has increased in several domains. IoT devices are multi-modal and heterogeneous due to their varied properties, standards, and manufactures. This leads to interoperability issues, which can be solved using semantic technologies. Likewise, these devices participate in numerous cross-organizational business processes (BPs). Being resource-constrained, they must be managed in an energy-aware manner to avoid BP failures. However, due to lack of a common ontology and formalization of energy-related concepts impedes their optimal management in BPs. To bridge this gap, the authors capitalize on existing semantic models such as FIESTA-IoT and IoT-BPO. They propose the following: (i) formalization of IoT concepts in BPs related to energy, their properties and constraints, and (ii) resolving resource conflicts based on strategies. The feasibility of this framework is illustrated by evaluating the semantic model for its coverage of concepts from IoT-A reference model, along with proof of concept tools that allows ontology-based support for process modeling.

scholarly journals 77 Comparison of HRCTV and Organs at Risk Contours Between TRUS and MR Images in IB Cervical Cancers: A Proof of Concept Study

2019 ◽  
Vol 139 ◽  
pp. S35
Author(s):  
Lucas C. Mendez ◽  
Ananth Ravi ◽  
Kevin Martell ◽  
Hamid Raziee ◽  
Yasir Alayed ◽  
...  
Keyword(s):  
At Risk ◽  
Organs At Risk ◽  
Proof Of Concept ◽  
Mr Images ◽  
Cervical Cancers ◽  
Concept Study

Budget Adjustments and Spending Patterns: A Transaction-Cycle View

2017 ◽  
Vol 32 (1) ◽  
pp. 19-43
Author(s):  
Akhilesh Chandra ◽  
Nirup M. Menon ◽  
Birendra K. (Barry) Mishra
Keyword(s):  
Human Resources ◽  
Value Chain ◽  
Business Processes ◽  
Accounting Information ◽  
Theory And Practice ◽  
Archival Data ◽  
Proof Of Concept ◽  
Resource Assignment ◽  
Accounting Information Systems ◽  
Spending Patterns

ABSTRACT Organizational- and departmental-level budgeting suffer from various shortcomings, such as asymmetric ratcheting. In this regard, we theorize, and propose, budgeting at the transaction-cycle level for effective budget designs. The transaction-cycle level budget requires management justification for resource assignment to business processes, often spanning multiple departments. The transaction-cycle typology consists of five cycles: production, expenditure, financial, revenue, and human-resources. In order to distinguish among transaction cycles, we use their relative positions within the value chain and technology content in their business processes. As a proof-of-concept, we develop theoretical arguments for asymmetric ratcheting in operating budgets at the transaction-cycle level in hospitals, and empirically examine this phenomenon using longitudinal archival data. Our hypotheses examine budgetary responses to overspending and underspending variances in operating budgets for fixed and variable costs. Our findings suggest that a transaction cycle's position in the value chain and its technology content play a role in determining asymmetric ratcheting during budgeting. We discuss our contributions from the perspectives of theory and practice of accounting, budgeting, and accounting information systems.

Gene expression using microarrays in transplant recipients at risk of EBV lymphoproliferation after organ transplantation: Preliminary proof-of-concept

2009 ◽  
Vol 13 (8) ◽  
pp. 990-998 ◽  
Author(s):  
Upton Allen ◽  
Michelle Barton ◽  
Joseph Beyene ◽  
Pingzhao Hu ◽  
Nasser Khodai-Booran ◽  
...  
Keyword(s):  
Gene Expression ◽  
At Risk ◽  
Organ Transplantation ◽  
Proof Of Concept ◽  
Transplant Recipients
Sign in / Sign up

Export Citation Format

Share Document