Next Article in Journal
Collaborative Optimization Method of Power and Efficiency for LCC-S Wireless Power Transmission System
Next Article in Special Issue
A Novel Adaptive East–West Interface for a Heterogeneous and Distributed SDN Network
Previous Article in Journal
An Improved Coordinate Registration for Over-the-Horizon Radar Using Reference Sources
Previous Article in Special Issue
On-Board Data Management Layer: Connected Vehicle as Data Platform

Securing Workflows Using Microservices and Metagraphs †

ICube, University of Strasbourg, 67081 Strasbourg, France
LAMIH, CNRS, UMR 8201, Université Polytechnique Hauts-de-France, INSA Hauts-de-France, 59313 Valenciennes, France
Author to whom correspondence should be addressed.
This paper is an extended version of our paper published in IEEE 22nd International Conference on High-Performance Switching and Routing (HPSR 2021), Paris, France, 7–10 June 2021.
Academic Editor: Vijayakumar Varadarajan
Electronics 2021, 10(24), 3087;
Received: 14 November 2021 / Revised: 5 December 2021 / Accepted: 8 December 2021 / Published: 11 December 2021
(This article belongs to the Special Issue Advances in Communications Software and Services)
Companies such as Netflix increasingly use the cloud to deploy their business processes. Those processes often involve partnerships with other companies, and can be modeled as workflows where the owner of the data at risk interacts with contractors to realize a sequence of tasks on the data to be secured. In this paper, we first show how those workflows can be deployed and enforced while preventing data exposure. Second, this paper provides a global framework to enable the verification of workflow policies. Following the principles of zero-trust, we develop an infrastructure using the isolation provided by a microservice architecture to enforce owner policy. We implement a workflow with our infrastructure in a publicly available proof of concept. This work allows us to verify that the specified policy is correctly enforced by testing the deployment for policy violations, and find the overhead cost of authorization to be reasonable for the benefits. In addition, this paper presents a way to verify policies using a suite of tools transforming and checking policies as metagraphs. It is evident from the results that our verification method is very efficient regarding the size of the policies. Overall, this infrastructure and the mechanisms that verify the policy is correctly enforced, and then correctly implemented, help us deploy workflows in the cloud securely. View Full-Text
Keywords: data leak; workflow; microservices; authorization; access control; policy verification; metagraphs; yawl; rego data leak; workflow; microservices; authorization; access control; policy verification; metagraphs; yawl; rego
Show Figures

Graphical abstract

MDPI and ACS Style

Miller, L.; Mérindol, P.; Gallais, A.; Pelsser, C. Securing Workflows Using Microservices and Metagraphs. Electronics 2021, 10, 3087.

AMA Style

Miller L, Mérindol P, Gallais A, Pelsser C. Securing Workflows Using Microservices and Metagraphs. Electronics. 2021; 10(24):3087.

Chicago/Turabian Style

Miller, Loïc, Pascal Mérindol, Antoine Gallais, and Cristel Pelsser. 2021. "Securing Workflows Using Microservices and Metagraphs" Electronics 10, no. 24: 3087.

Find Other Styles
Note that from the first issue of 2016, MDPI journals use article numbers instead of page numbers. See further details here.

Article Access Map by Country/Region

Back to TopTop