The use of blockchain technology has been proposed to provide auditable access control for individual resources. However, when all resources are owned by a single organization, such expensive solutions may not be needed. In this work we focus on distributed applications such as business processes and distributed workflows. These applications are often composed of multiple resources/services that are subject to the security and access control policies of different organizational domains. Here, blockchains can provide an attractive decentralized solution to provide auditability. However, the underlying access control policies may be overlapping in terms of the component conditions/rules, and simply using existing solutions would result in repeated evaluation of user's authorization separately for each resource, leading to significant overhead in terms of cost and computation time over the blockchain. To address this challenge, we propose an approach that formulates a constraint optimization problem to generate an optimal composite access control policy. This policy is in compliance with all the local access control policies and minimizes the policy evaluation cost over the blockchain. The developed smart contract(s) can then be deployed to the blockchain, and used for access control enforcement. We also discuss how the access control enforcement can be audited using a game-theoretic approach to minimize cost. We have implemented the initial prototype of our approach using Ethereum as the underlying blockchain and experimentally validated the effectiveness and efficiency of our approach.
Outlier detection is a challenging task especially when outliers are defined by rare combinations of multiple variables. In this paper, we develop and evaluate a new method for the detection of outliers in multivariate data that relies on Principal Components Analysis (PCA) and three-sigma limits. The proposed approach employs PCA to effectively perform dimension reduction by regenerating variables, i.e., fitted points from the original observations. The observations lying outside the three-sigma limits are identified as the outliers. This proposed method has been successfully employed to two real life and several artificially generated datasets. The performance of the proposed method is compared with some of the existing methods using different performance evaluation criteria including the percentage of correct classification, precision, recall, and F-measure. The supremacy of the proposed method is confirmed by abovementioned criteria and datasets. The F-measure for the first real life dataset is the highest, i.e., 0.6667 for the proposed method and 0.3333 and 0.4000 for the two existing approaches. Similarly, for the second real dataset, this measure is 0.8000 for the proposed approach and 0.5263 and 0.6315 for the two existing approaches. It is also observed by the simulation experiments that the performance of the proposed approach got better with increasing sample size.
PurposeThis paper reviews existing business process (BP) modeling languages that are widely used in the industry as well as recent research work on modeling and analysis of BPs in the service-oriented environment and Internetware-based software paradigm. BPs in such environment are different from traditional BPs due to loose coupling of partner services, dynamic and on-the-fly selection of partners and run-time process adaptability. The unique characteristics of these BPs require formal modeling of the requirements and constraints in each phase of their life cycle, including design phase, implementation and deployment phase and execution phase.Design/methodology/approachThe paper first provides a categorization of typical user requirements in each phase of the BP life cycle. Then a detailed comparison of the selected languages with respect to their requirement modeling and analysis capabilities in each of the identified categories is provided. The paper also discusses new requirements engineering research challenges arising from future software needs and emerging trends in software engineering in the context of Web-services-based BPs and Internetware.FindingsThere is a need to have a framework that provides support for user requirements modeling and analysis for all the phases of BP life cycle in an integrated manner. Such a framework would be useful not only in resolving the inconsistencies between requirements across phases but also in addressing the issues related to BP evolution due to changes in user requirements over time. Moreover, with the Internet of things (IoT) adoption in BPM, there is a need to have an integrated environment that provides support for capturing the resilience requirements of enterprise BPs as well as the mobility constraints of the underlying IoT devices.Originality/valueThis paper reviews existing BP modeling languages and frameworks and discusses the new requirements engineering research challenges arising from future software needs and the emerging trends in BP management in the service-oriented environment and Internetware-based software paradigm.
scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.