Authorization Model Definition for an Adaptable Workflow within Cloud Environment

Rayis, Osama
Doğru, Ali Hikmet
In this paper, we present a formal definition in temporal logic for an authorization model for an adaptable workflow within cloud environment. Cloud computing is a strong driving technology reshaping cyber space transactions. Security is characterized as the prime challenge for cloud computing. Workflows are core business activities which were previously running in trusted environments. Running workflows in cloud environment is a growing practice which brings agility to institutions as well as presenting a new challenge. New challenges were brought in the picture due to the factors of the distributed environment. In this paper a formal model for the access control problem of workflows within cloud environment is presented. A temporal event-based periodic role-based authorization model is given for workflows on cloud where synchronization of workflows with authorization flow and separation of duties are supported. The model combines the necessary mechanisms needed to answer the authorization challenges. The model will help to answer some of the pressing needs of security within the new developing cloud environment besides the classical needs of workflows. The model presented creates a set of mechanisms in response to those challenges, and then combines all the mechanisms in a single model. Yet another challenge this work lays ground for is presenting a formal model where it is practical to explore the security-reliability nexus. That gives support to the cloud system design process.


CLOUDGEN: Workload generation for the evaluation of cloud computing systems CLOUDGEN: Bulut Bilişim Sistemlerinin Başarim Deǧerlendirmesi icin Iş Yuku Uretimi
Koltuk, Furkan; Yazar, Alper; Schmidt, Şenan Ece (2019-04-01)
In this paper, we propose CLOUDGEN workflow that produces synthetic workloads for Infrastructure and Platform as a Service for the evaluation of resource management approaches in cloud computing systems. To this end, CLOUDGEN systematically processes and clusters records in a given workload trace and fits distributions for different workload parameters within the clusters. Different than the previous work, clustering is carried out to produce different virtual machine types for achieving models that are sui...
Hierarchical and decentralized multitasking control of discrete event systems
Schmidt, Klaus Verner; Cury, José E. R. (2007-12-01)
In this paper, a hierarchical and decentralized approach for composite discrete-event systems (DES) that have to fulfill multiple tasks is elaborated. Colored marking generators that can distinguish classes of tasks are used as the system model, and a colored abstraction procedure as well as sufficient conditions for nonblocking and hierarchically consistent control are developed. It is shown that the computational complexity for supervisor computation is reduced. A flexible manufacturing system example dem...
Formalization of workflows and correctness issues in the presence of concurrency
Arpinar, IB; Halıcı, Uğur; ARPINAR, SENA; DOGAC, ASUMAN (1999-04-01)
In this paper, main components of a workflow system that are relevant to the correctness in the presence of concurrency are formalized based on set theory and graph theory. The formalization which constitutes the theoretical basis of the correctness criterion provided can be summarized as follows:
Multi-objective decision making using fuzzy discrete event systems: A mobile robot example
Boutalis, Yiannis; Schmidt, Klaus Verner (2010-09-29)
In this paper, we propose an approach for the multi-objective control of sampled data systems that can be modeled as fuzzy discrete event systems (FDES). In our work, the choice of a fuzzy system representation is justified by the assumption of a controller realization that depends on various potentially imprecise sensor measurements. Our approach consists of three basic steps that are performed in each sampling instant. First, the current fuzzy state of the system is determined by a sensor evaluation. Seco...
Resource Allocation for Minimized Power Consumption in Hardware Accelerated Clouds
Ekici, Nazim Umut; Schmidt, Klaus Verner; Yazar, Alper; Schmidt, Şenan Ece (2019-01-01)
In this paper we propose ACCLOUD-MAN, a novel resource manager for heterogeneous cloud data centers. In heterogeneous clouds a user request can be satisfied with more than one physical resource alternative. That is, the resource manager must decide which resource alternative will be chosen, along with the decision of the server the request will be assigned to. ACCLOUD-MAN's resource management objective is to reduce the power consumption of the cloud data center. To this end, the manager is modeled as an in...
Citation Formats
O. Rayis and A. H. Doğru, “Authorization Model Definition for an Adaptable Workflow within Cloud Environment,” 2019, p. 49, Accessed: 00, 2020. [Online]. Available: