Workflow authorisation in mediator-free environments

WorkFlow Management Systems (WFMS) coordinate and streamline business processes. Acquiring workflow authorisations and managing workflow authorisation constraints is a challenging problem. CurrentWFMSs assume a centralised global workflow authorisation model. In this paper, we propose a distributed workflow authorisation model with no central authorisation manager for a mediator-free environment. We provide an on-demand task discovery protocol that enables domains to discover tasks available in other domains. We formulate the workflow authorisation problem as a constraint satisfaction problem to select access paths that satisfy all the workflow authorisation constraints. We propose the Workflow Minimal Authorisation Problem (WMAP), which selects minimal authorisations required to execute the workflow tasks. In addition, we investigate access path overlaps to allow tasks in the same session to share authorisations and we present the Workflow Minimal Authorisation Problem with path Overlaps (WMAPO). Finally, we formulate integer programmes to solve both the WMAP and WMAPO.