利用雲端協作模式運作之具可擴展性及可信性跨企業工作流程管理系統
No Thumbnail Available
Date
2013
Authors
Journal Title
Journal ISSN
Volume Title
Publisher
Abstract
雲端運算 (Cloud computing) 技術在學術界跟工業界已經被廣泛地研究及利用,越來越多企業跟使用者將他們的資料以及應用程式搬移至雲端環境上。雲端運算提供一個新的運算模式,其擁有彈性調整計算規模、由異質資源整合而成之無容量限制的資源池 (resource pool) 以及依照需求 (on-demand) 供給計算資源等機制。這些新的概念為工作流程管理系統 (Workflow Management System, WfMS) 的實作上帶來許多新的挑戰。若要在雲端環境建立一個具可擴展性且可支援跨企業運作的工作流程管理系統,則需要將現有的程序管理 (process management) 概念作更多的延伸以及使其適應雲端的環境。
本論文將會提出一個具有可擴展性且可在多租戶環境上運作的跨企業工作流程系統。特別的是,工作流程程序 (workflow process) 的制定可以透過雲端協作(cloud collaboration)的機制來完成。我們不會將傳統需要透過引擎 (engine-based) 控制的工作流程系統架構直接佈署到雲端上,而是讓工作流程程序實例 (workflow process instance) 擁有自我保護的能力,如此一來,也不需要另外使用存取控制 (access-control) 的機制去保護敏感資料免受惡意竊取。因此,工作流程實例的探索以及流程活動 (activity) 的執行就可以各自獨立並且分散執行。
另外在本論文所提出的系統中,我們採用 BigTable 來儲存所有的工作流程程序實例以及控制工作流程程序的執行,讓系統得以成為可容納巨量資料的工作流程系統。我們也使用元素式加密法 (element-wise encryption) 和鏈狀數位簽章 (chained digital signature) 等技術讓工作流程可以擁有身分驗證機制、資料保密性、資料完整性以及不可否認性等安全性需求。
而且工作流程程序實例可以備份及遷移至其他相容的平台而不必依靠雲端服務提供者的支援。因此,本論文所提出的系統也可以適用在不受信任的雲端伺服器上。系統的相關實作細節以及實驗數據則可以展示此系統架構的可行性。
Cloud computing is gaining tremendous momentum in both academia and industry, with more and more people and enterprises migrating their data and applications into the cloud. Cloud computing provides a new computing model with elastic scaling, a resource pool of unprecedented size, and the on-demand resource provisioning mechanism, which bring numerous challenges in implementing workflow management systems (WfMSs) in the cloud. Establishing scalable and cross-enterprise WfMSs in the cloud requires the adaptation and extension of existing concepts for process management. This thesis proposes a scalable and cross-enterprise WfMS which can be applied in a multitenancy cloud environment. Especially, it can activate enactment of workflow processes by cloud collaboration. We do not employ the traditional engine-based WfMSs. The key idea is to have the workflow process instance to be self-protected and does not need an access-control server to secure the data therein. Thus, the process instance discovery and activity execution can be fully independently and distributed. As a result, we can employ the data storage system, BigTable, to store the process instances, which may form a big data, and control the execution of workflow processes. The applying of element-wise encryption and chained digital signature makes it satisfy major security requirements of authentication, confidentiality, data integrity, and nonrepudiation. Also, the process instance migration and replication can be fulfilled without the supporting of the cloud provider. Therefore, the proposed system can also be applied to cloud with untrusted server. The implementation and experimental results demonstrate the feasibility of the proposed framework.
Cloud computing is gaining tremendous momentum in both academia and industry, with more and more people and enterprises migrating their data and applications into the cloud. Cloud computing provides a new computing model with elastic scaling, a resource pool of unprecedented size, and the on-demand resource provisioning mechanism, which bring numerous challenges in implementing workflow management systems (WfMSs) in the cloud. Establishing scalable and cross-enterprise WfMSs in the cloud requires the adaptation and extension of existing concepts for process management. This thesis proposes a scalable and cross-enterprise WfMS which can be applied in a multitenancy cloud environment. Especially, it can activate enactment of workflow processes by cloud collaboration. We do not employ the traditional engine-based WfMSs. The key idea is to have the workflow process instance to be self-protected and does not need an access-control server to secure the data therein. Thus, the process instance discovery and activity execution can be fully independently and distributed. As a result, we can employ the data storage system, BigTable, to store the process instances, which may form a big data, and control the execution of workflow processes. The applying of element-wise encryption and chained digital signature makes it satisfy major security requirements of authentication, confidentiality, data integrity, and nonrepudiation. Also, the process instance migration and replication can be fulfilled without the supporting of the cloud provider. Therefore, the proposed system can also be applied to cloud with untrusted server. The implementation and experimental results demonstrate the feasibility of the proposed framework.
Description
Keywords
雲端運算, 多租戶技術, 工作流程管理系統, Cloud, Multitenancy, Workflow Management System, WfMS