480 likes | 631 Views
A Decentralized Workflow Model and its Implementation in a Digital Government Environment. Pietro Mazzoleni. DSI – Universita’ Statale di Milano, ITALY. CIMIC - Rutgers University, Newark (NJ) USA. Outline. Problem Introduction Decentralized Vs Centralized Workflow Contributions
E N D
A Decentralized Workflow Model and its Implementation in a Digital Government Environment Pietro Mazzoleni DSI – Universita’ Statale di Milano, ITALY CIMIC - Rutgers University, Newark (NJ) USA
Outline • Problem Introduction • Decentralized Vs Centralized Workflow • Contributions 1.Traditional WFMS Join-limitation 2. DWFMS • Self Describing Workflow • Workflow Stub 3.DWFMS Chinese Wall security Policy 4. E-government project • Customized Workflow • Future Work and Conclusion
DELTA AVIS Enter Input Reserve airline bs Rent a Car bf or p>$400 bs bs Bs and p<=$400 Bs and Date <3/21/01 ReserveAirline Rent a car bs Reserve a hotel Notify CONTINENTAL HERTZ MARRIOT What is a workflow? The automation of a business process, in whole or part, during which documents, information or tasksare passed from one participant to another for action, according to a set of procedural rules. WFMC Ex: Travel Planning Workflow : • Task: an e-mail message, a transaction, a program, meeting, etc. • Processing agent: a person, a role, a DBMS, an application program, etc. • Coordinated execution: control-flow, value and external dependencies.
Performance Bottleneck Do not if systems are inherently autonomous and distributed DELTA AVIS Enter Input Date/destination WF specification bs Reserve airline Rent a Car bf or p>$400 bs bs Bs and Date <3/21/01 Bs and p<=$400 ReserveAirline Rent a car Reserve a hotel bs Notify CONTINENTAL HERTZ MARRIOT Centralized WFMS WF Execution Centralized Workflow Management CONTINENTAL DELTA AVIS MARRIOT
Inter-organizational Workflow • Business Processes in EC, Virtual Enterprise and supply chain environments • A dynamic consortium/partnership of autonomous, diverse, and geographically dispersed organizations that pool their services to offer a more complex, value-added product • Business processes (Workflows) that go beyond the organization boundaries Unrealistic to assume that there will be a centralized controller which manages the whole business process
Centralized WFMS Notify enter input DELTA AVIS CONTINENTAL 3 5 6 7 5 6 7 MARIOTTE 3 5 2 6 7 7 4 6 Decentralized WF Management 3 5 DELTA AVIS Enter Input Date/destination 1 bs WF specification Reserve airline Rent a Car bf or p>$400 bs bs Bs and p<=$400 Bs and Date <3/21/01 bs ReserveAirline Rent a car 2 Reserve a hotel Notify 4 6 CONTINENTAL HERTZ MARRIOT
Contribution: Workflow Patterns and Traditional WFMS join-limitation
Abstraction from the concrete form which keeps recurring in specific non-arbitrary contexts SEQUENCE SPLIT JOIN Workflow Patterns RIehdle and Zullinger
Workflow Patterns: Join A point in the workflow where two or more parallel executing activities converge into a single common thread of control WFMC Reserve continental Book the trip Reserve Delta • Explicit Representation Constructors AND-JOIN and OR-JOIN
Workflow Patterns: Join Reserve Flight bs ANDJOIN Confirm Vacation AND JOIN Book Hotel bs Reserve Hilton bs OR JOIN Confirm Vacation OR JOIN Reserve County bs
Reserve Hitlon bs ANDJOIN Book the trip bs Reserve Delta (Delta.price + Hilton.price < $400) Workflow Patterns: Join Problem: Reserve a Trip if the Price of the Hotel plus the price of the Flight is less than 400$
Hotel Hilton ??? Book Trip Hotel Country Workflow Patterns: Join Problem: Reserve rooms for 10 people in the only two hotels available…It is possible to reserve 4 single rooms in one Hotel and 3 double rooms in the other (Hiton.double>= 3 OR Country.double>=3)AND (Hiton.single>= 4 OR Country.single>=4)
Embed the JOIN in the Dependencies Definition Keep consistency with the other Patterns Workflow Patterns: Join Solution: Implicit Representation Hotel Hilton Bs Book Trip Hotel Country Bs (Hiton.double>= 3 OR Country.double>=3) AND (Hiton.single>= 4 OR Country.single>=4)
Our Contribution We have proposed and Extension to the traditional workflow model to represent the join relationship.
Contribution: Decentralized Workflow Management System
WFMS server self describing workflow t1, A1, Input (t1) bs t2 bs t2 t1 t1 t4 t4 bs bs t3 bs t3 bs A(t2) WFMS Stub WFMS Stub WFMS Stub WFMS Stub WFMS Stub A(t4) (t2, A2, Input (t2), A(t1) t2 (t3, A3, Input (t3), (t4, A4, Input (t4), A(t3) t4 t4 t3 bs Our Approach to Decentralized Workflow Management • Self-describing Workflow • Workflow Stub
Self Describing Workflow Partitions of a workflow that carry sufficientinformation such that they can be managed by a local task execution agent rather than the central WFMS • Task Name • Task Execution Agent • Pre Condition • Outstate • Workflow Partition SELF(ti) = <ti, A(ti), PRE(ti), OutState, Pi >
Dependency/Preconditions • Evaluate dependencies only if needed • Reduce amount of information sending between tasks • Reveal only need-to-know information • Keep minimal the number of tasks activated from a Workflow instance Reserve Hotel (t1.price<=$400 AND t1.availability=YES) Rent a Car T1 T2 Reserve Hotel T1 Book the trip Reserve Flight T2 t1.price+t2.price<=$400
AND OR OR t1.double>=3 t2.double>=3 t1.single>=4 t2.single>=4 AND AND OR OR OR OR D t1.single>=3 D t1.signal#0 t1.double>=3 t1.signal#1 t1.single>=3 t1.double>=3 Deferred(t1) Immediate(t1) Dependency/Preconditions Dependencies Splitting: (t1.double>=3 OR t1.double>=3) AND (t2.single>=4 OR t2.single>=4)
WFMS Stub • Activities • Receives the self-describing workflow, • extract task to be executed at that site • Partition the remaining workflow • Evaluate the PRE condition • Execute the task • Evaluate the dependency • Construct self-describing workflows • forwards each self-describing workflow to the relevant task agents • Objectives • execute the workflow in parallel as much as possible • minimize the communication
Our Contribution We have proposed a decentralized workflow management model (DWFMS) that is suitable for heterogeneous, autonomous, and distributed environments
Contribution: DWFMS Chinese Wall Policy
Conflict of Interest Problem Problem: • Execution agents may have conflict of interest • one agent can manipulate control or value dependencies in Workflow for its advantage DELTA AVIS Enter Input Reserve airline bs Rent a Car Bf or p>$400 bs bs Bs and p<=$400 Bs and Date <3/21/01 ReserveAirline Rent a car bs Reserve a hotel Notify CONTINENTAL HERTZ MARRIOT Continental may offer the ticket at a price which such that Delta is always at a disadvantage
X R R R R R The Chinese Wall Policy Brewer and Nash Model • Objective:prevent information flows that cause conflict of interest for individual consultants • Read Rule: S can read O only if • O is within the wall or O belong to another COI class consultant Bank B Bank A Insurance Oil B
X X W R R W The Chinese wall policy Brewer and Nash Model Write Rule: S can write O only if • S can read O by BN Read rule • no object can be read which is in the different company set to the one for which write access is requested ConsultantA Oil A Bank A ConsultantB Oil B
OurChinese Wall Security Model for Decentralized Workflow Systems • Subject, S: task execution agent • Object, O: input/output objects of tasks, dependencies • Sensitive versus non-Sensitive objects • Non-sensitive • The objects that are not involved in any dependency • Sensitive wrt a subject S • objects involved in a value dependency and therefore can change the execution flow
Our Chinese Wall Security Model for Decentralized WFMS Read/Evaluate Rule: S can read O if • O is not sensitive, or • There is no S’ in W such that COI(S) = COI(S’) Subject can read and evaluate sensitive dependency object of its own company iff O does not belong to the same COI group as S’s company in the Workflow Write/Partition Rule: S can write O if S can read O Subject is not allowed to construct SELF with sensitive objects that belong to the same COI class
Restrictive Partition of a task agent Critical Partition: A partition where there exist no sensitive objects belonging to COI(A(tj)) OR there exist no an agent A(tk) in Pj such that COI(A(t j))=COI(A(tk)) t2.price<300$ OR t2.bf 1 2 3 4 5 Task that makes the partition • not adjacent tasks • adjacent tasks
t2.signal#0 OR t2.price<300$ t2.bf 2 P23 3 3 4 5 P24 Critical Partition: non-adjacent tasks P2 t2.price<300$ OR t2.bf 1 2 3 4 5 Task that makes the partition
t2.signal#0 OR t2.price<300$ t2.bf 1 2 P23 1 4 5 P24 Critical Partition: adjacent tasks P2 t2.price<300$ OR t2.bf 1 2 3 4 5 Task that makes the partition
Our Contribution We have proposed an extension of the Chinese Wall Policy to address the Conflict of Interest in a Decentralized Workflow Execution
Contribution: E-government for State Business Services Open a New Business in the State of New Jersey?
DetermineYour Type of Business • Register Your Business's Name and File Original Business Certificate • Obtain the Licenses and Permits You Will Need • Obtain Information about Environmental, Health, and Safety Issues • Learn about Unclaimed Property Reporting Requirements • Register Your Business for Tax and Employer Purposes Steps to Do • Determine Your Type of Business • Register Your Business's Name and File Original Business Certificate • Obtain the Licenses and Permits You Will Need • Obtain Information about Environmental, Health, and Safety Issues • Learn about Unclaimed Property Reporting Requirements • Register Your Business for Tax and Employer Purposes www.state.nj.us
Agencies Regulation Hide in WebPages, forms, instructions, manuals, etc Applicants who are registering as Sole Proprietors or Partnerships must file pages 15-17 of the NJ-REG. If a business requires spray painting more than 1/2 gallon in an hour, it requires air quality permit and DMV permit. If location is in HMDC jurisdiction require permit to develop from HMDC Please note that the Public Records Filing (pages 21 and 22)may be submitted prior to the completion of pages 15-17 of the NJ-REG to establish the Business Entity,but the remainder of NJ-REG (pages 15-17)must be submitted within 60 days of filing the new business entity.
open bank accnt not incorp file for certificate of incorp incorporation file for FEIN enter new business entity Input application Payroll<1000 Register business for taxes Secretary of State Local IRS Cert of authority for sales tax Div. Of Revenue submit application form/fee Annual payroll >=1000 identify permits needed process state permits apply for Employer Insurance apply for Employer reg number hire >= 1 DEP Dept of labor Business Registration Process • Geographically and functionally dispersed agencies • Individual clients interact with each agency • duplicate information is submitted for each agency complex process
Our Work • Customized Workflow Generation • PDF Interactive and Pre-filled • Visualization and monitoring process • Decentralized Execution
Customized Workflow generation • Direct the user to the correct agencies forms and existing online services • Customization on each specific business • Transparent for the user • Find the correct order of tasks • Easy to understand and works by steps Routine to automatically identify the agencies and the forms to open a particular business. Advantages:
FDF Forms and E-services Pre-fill forms and online services with data coming from tasks already completed. Creation of an interactive form • Help the user dealing with existing online service forms and pdf forms • Save time • Error-checking • Built on the existing systems • Allow to automatically extract data from forms Advantages:
Interactive Pdf Form =Template FORM PDF INTERACTIVE FORM • Don’t need to print • Easy to use • Real-time Error checking
Workflow Execution Create a prototype to automatically execute the workflow with the ability to customize the collaboration coming from each agency. • Integrate the different systems, while preserving existing online services and autonomous systems • Customize solutions to fit agency’s service environment • Monitoring the complete process • Scalable Prototype Advantages:
“Business Application” Workflow Execution Model Workflow SYSTEM • Interview Session • Generate Wf • Fill in forms StartWf EndWf STUB STUB STUB STUB AGENCY 1 AGENCY 2 AGENCY 3 AGENCY 4
Flexible level of participation • By Email • Connection and Storage • Application interaction • Allow interaction with other services in agencies
Our Contribution We’ve realized the proposed decentralized workflow model in a digital government environment in such a way that it can customize the workflow system based on the level autonomy of the participating government agencies.
Future Work - Conclusion • Dynamic Changes • Exception handler • Complete the prototype for helping State agencies to identify useful tools and methods coming out of our research work
Prototype: http://cimic.rutgers.edu/dgov/demos1.html A Decentralized Workflow Model and its implementation in a Digital Government Environment Pietro Mazzoleni mazzolen@cimic.rutgers.edu END