Chapter 2 has addressed the issue of supporting dynamic policies in an SOA environment so as to satisfy security requirements. We have described two motivating examples to demonstrate that the security in SOA depends on the dynamic behavior of the workflow system. We have also proposed a solution that employs the DPSL to specify the security policy requirements in an SOA system. This architecture can fulfill the requirement for the separation of concerns by separately defining the service implementation and the policy specification. The use of a DPSL translator supports dynamic policies in SOA using standard SOA engines. The implementation and experimental results demonstrate the feasibility of the proposed architecture.
Chapter 3 has focused on designing an access control model for SOA systems.
SOA systems are intrinsically based on the workflow due to the requirements of service orchestration. Thus, traditional access control models—including those based on RBAC and ABAC—cannot deal with the access control requirements of SOA appropriately since they do not consider the operations of workflow-based applications. We propose a novel access control model, WBDAC, for SOA applications. The core idea of WBDAC is to generate transient policies according to the dynamic behavior of the workflow process execution. The method does not require many long-term policies to be stored in the policy pool, and it can alleviate the role- and rule-explosion problems for workflow applications. Based on the WBDAC, we have designed the DACL4SOA expression language and implemented a run-time system for it. The presented implementation and experimental results have demonstrated the feasibility of the WBDAC, and shown that we can separate the
specification of access control policies from service orchestration in SOA applications.
The main contribution of Chapter 4 is in addressing the problem that the pairwise conflict relation is insufficient for the concurrency control of long-running transactions.
The motivating example shows that the conflict relation should be resolved according to the global context of all joined autonomous transactions. Therefore, we have proposed a framework that uses the global context to perform the concurrency control of long-running autonomous transactions. We have also developed a language called the DLCCL that allows the system developer to specify how to implement concurrency control according to the global context in defeasible logic. Not limiting the decision by the pairwise conflict relation optimally relaxes the isolation property, which makes it possible to increase the parallelism for long-running transactions. Our model is actually a generalized model rather than a strict pairwise conflict-relation model. One of the key factors that allow DLCCL rules to make concurrency control according to global context is the creation of predicates and functions as shown in Section 4-3-3. It would be highly useful if we would create and define other predicates and functions, especially when values are non-numeric. In the future work, we would like to study what kinds of predicates and functions are needed in different domains or applications.
In Chapter 5, applying the working model of cloud collaboration to define a workflow in the CLWfDL can reduce the cost, since collaborating users do not have to be in the same space and human intervention is not needed to analyze the requirements of users. We believe that this approach has considerable potential in today’s globalized society. The CLWfDL supports distributed definition and concurrent revision. Despite having only two types of rules, this new language can implement almost all flow-control constructs, as shown in [121]. After users learn the
meaning of the two types of rules, they can use them to specify their requirements for workflow execution. A translator can detect if there is any conflict between the rules from multiple users. If conflicts exist, the involved users can be informed and then they can communicate and negotiate amongst themselves so as to revise their rules until there is no conflict. Each user maintains and is responsible for his/her own rules.
We have proposed algorithms that can translate rules from multiple users into a directed graph, which can subsequently be transformed into any workflow definition language. This means that existing workflow engines can provide the workflow enactment service for workflows defined by CLWfDL rules. Since each user only specifies rules, we can design a home page for him/her to edit his/her own rules, and the system can present the final workflow definition in the form of a directed graph.
Serializability of accessing Web service resource is crucial in transaction-based services. Although the chain-hashing scheme can be applied to maintain the operation serialization, it is insufficient when public resources can be accessed by multiple clients. The C&L scheme in which two new parameters are embedded in the messages exchanged between client devices and service provider: the ClientID and the local sequence number (LSN). It was proved that it does not require multiple client devices to exchange any messages and still can guarantee nonrepudiation and maintain the CIWF requirements. However, the LSN is not appropriate for public Web services.
The new scheme, double chain (DoubleC) scheme, does not need the initializtion of LSN, and still has the same power of C&L. The experiments involving the chain-hashing C&L, and DoubleC schemes indicated that their computation and space overheads were almost identical. The presented experimental results have demonstrated the feasibility of the DoubleC scheme. Although the registration time is not a fixed time, and the advantage of DoubleC scheme is not evident, it can help the
public Web service offer the serializability.
The Web service providers can use the scheme proposed in Chapter 6 to provide a transaction serialization guarantee in their SLAs. The scheme has the overhead of exchanging response and reply-response messages between clients and the service provider. The clients need to follow the WS-policy of the service and keep the ACK message. If they want to verify resource operations which they requested before, just provide the last attestation for performing the violation detection.
Proof of violation is different from dectection of violation. When a violation was recognized, it is neccessary to have the evidences to punish the offender, in particular the participants had a contract or agreement. The definition of violation depends on the properties of what the participants involved. In the future work, we would like to study which properties and violations are needed to be proof in different domains or systems.
145
References
1. OASIS, "Reference Model for Service Oriented Architecture 1.0," OASIS Standard, 2006.
2. W3C, "Simple Object Access Protocol 1.2," W3C Recommendation, 2007.
3. Chi Wu-Lee and Gwan-Hwan Hwang, "A Framework and Language Support for Quality of Service in Service-Oriented Architecture," Appear in Journal of
Information Science and Engineering.
4. Chi Wu-Lee and Gwan-Hwan Hwang, "Workflow definition by cloud collaboration," Collaborative Computing: Networking, Applications and
Worksharing (IEEE Collaboratecom), 2013 IEEE 9th International Conference on, pp.123-132, Oct. 2013.
5. Gwan-Hwan Hwang, Chi Wu-Lee and Han-Meng Chiang, "A New Concurrency Control Language for Transactional Process in Service-Oriented Architecture," Advanced Information Networking and Applications (IEEE
AINA), 2013 IEEE 27th International Conference on, pp.227-234, March 2013.
6. Gwan-Hwan Hwang, Chi Wu-Lee and Zhong-Xiang Jiang, "Workflow-Based Dynamic Access Control in a Service-Oriented Architecture," Advanced
Information Networking and Applications Workshops (IEEE AINA), 2012 IEEE 26th International Conference on, pp.47-52, March 2012.
7. Chi Wu-Lee and Gwan-Hwan Hwang, "Dynamic policies for supporting quality of service in service-oriented architecture," Electronics and Information
Engineering (IEEE ICEIE), 2010 IEEE International Conference On, vol.1,
pp.V1-50-55, Aug. 2010.8. M. Bell, Service-Oriented Modeling (SOA): Service Analysis, Design, and Architecture, Wiley, 2008.
9. M. Papazoglou, Web Services: Principles and Technology, Pearson Education, 2008.
10. OASIS, "Web Services Business Process Execution Language 2.0," OASIS Standard, 2007.
11. L. O’Brien, L. Bass and P. Merson, "Quality Attributes and Service-Oriented Architectures," Technical Report, CMU/SEI-2005-TN-014, Software Engineering Institute, Carnegie-Mellon University, 2005.
12. OASIS, "Web Services Security: SOAP Message Security (WS-Security) 1.1,"
OASIS Standard, 2006.
13. OASIS, "Security Assertion Markup Language (SAML) 1.1," OASIS Standard, 2005.
146
14. OASIS, "WS-Trust 1.4," OASIS Standard, 2009.
15. OASIS, "WS-SecureConversation 1.4," OASIS Standard, 2009.
16. OASIS, "WS-SecurityPolicy 1.3," OASIS Standard, 2009.
17. W3C, "Web Services Policy 1.5," W3C Recommendation, 2007.
18. H. Gaur and M. Zirn, BPEL Cookbook: Best Practices for SOA-based integration and composite applications development, Packt Publishing, 2006, Chap. 7.
19. W3C, "Web Services Description Language (WSDL) 1.1," W3C Note, 2001.
20. W3C, "Web Services Policy 1.5 – Attachment," W3C Recommendation, 2007.
21. W3C, "Web Services Addressing 1.0," W3C Recommendation, 2006.
22. V. Tosic, A. Erradi and P. Maheshwari, "WS-Policy4MASC - A WS-Policy Extension Used in the MASC Middleware," IEEE International Conference on Services Computing (SCC), 2007, pp.458-465.
23. H. Liang, W. Sun, X. Zhang, and Z. Jiang, "A Policy Framework for Collaborative Web Service Customization," Second IEEE International Workshop on Service-Oriented System Engineering (SOSE), 2006, pp. 197–
204.
24. G. Yee and L. Korba, "Negotiated Security Policies for E-Services and Web Services," IEEE International Conference on Web Services (ICWS), vol. 2, 2005, pp. 605-612.
25. M. Mathes, S. Heinzl and B. Freisleben, "WS-TemporalPolicy: A WS-Policy Extension for Describing Service Properties with Time Constraints," 32nd Annual IEEE International Computer Software and Applications Conference (COMPSAC), 2008, pp. 1180-1186.
26. B. Hollunder, "WS-Policy: On Conditional and Custom Assertions," IEEE International Conference on Web Services (ICWS), 2009, pp. 936-943.
27. L. Baresi, S. Guinea, and P. Plebani, "WS-Policy for Service Monitoring," 6th VLDB International Workshop on Technologies for E-Services, Lecture Notes in Computer Science, Vol. 3811, 2006, pp. 72-83.
28 C. N. Fischer and R. J. LeBlanc Jr., Crafting A Compiler with C, Addison-Wesley, 1991.
29. Apache Axis2/Java, http://ws.apache.org/axis2/.
30. Apache Axis2 SOAP Monitor Module,
http://axis.apache.org/axis2/java/core/docs/soapmonitor-module.html.
31. Eclipse Web Tools Platform, http://www.eclipse.org/webtools/.
32. soapUI eclipse-plugin, http://www.soapui.org/eclipse/index.html.
33. ActiveBPEL , http://www.activevos.com/community-open-source.php.
147
34 C. M. MacKenzie, K. Laskey, F. McCabe, P. F. Brown, R. Metz and B. A.
Hamilto, “Reference Model for Service Oriented Architecture 1.0,” OASIS
Standard, October 2006, Available at:
<http://docs.oasis-open.org/soa-rm/v1.0/>.
35 M. Bell, “Service-Oriented Modeling (SOA): Service Analysis, Design, and Architecture,” Wiley & Sons, ISBN: 978-0-470-14111-3.
36 M. P. Papazoglou, “Web Services: Principles and Technology,” Prentice-Hall, ISBN: 978-0-321-15555-9.
37 D. Jordan and J. Evdemon, “Web Services Business Process Execution Language (BPEL) Version 2.0” OASIS Standard, April 2007, Available at:
<http://docs.oasis-open.org/wsbpel/2.0/wsbpel-v2.0.html>.
38 B. W. Lampson, “Protection,” Proceedings of the 5th Princeton Conference on Information Sciences and Systems, Princeton, 1971, pp.437.
39 T. Rhodes, “File System Access Control Lists,” FreeBSD Handbook, 2003,
Chap. 14, Available at:
<http://www.freebsd.org/doc/en/books/handbook/fs-acl.html>.
40 Ravi S. Sandhu, Edward J. Coyne, Hal L. Feinstein, Charles E. Youman,
"Role-Based Access Control Models," Computer, vol. 29, no. 2, February 1996, pp. 38-47.
41 A. Elliott and S. Knight, “Role Explosion: Acknowledging the Problem,” Proc.
Software Engineering Research and Practice, July 2010, pp.349-355.
42 R. Fernandez, “Enterprise Dynamic Access Control Version 2 Overview,” US Space and Naval Warfare Systems Center, January 2006.
43 M. J. Covington, W. Long, S. Srinivasan, A. K. Dev, M. Ahamad and G. D.
Abowd, "Securing Context-Aware Applications Using Environment Roles", Proc. of the sixth ACM symposium on Access control models and technologies, May 2001, pp.10-20.
44 D. Richard Kuhn, Edward J. Coyne, Timothy R. Weil, “Adding Attributes to Role-Based Access Control,” Computer, vol. 43, no. 6, June 2010, pp. 79-81.
45 Alan H. Karp, “Authorization-Based Access Control for the Services Oriented Architecture,” Fourth International Conference on Creating, Connecting and Collaborating through Computing (C5'06), January 2006, c5, pp.160-167.
46 F. Paci, E. Bertino, and J. Crampton, “An Access-Control Framework for WS-BPEL,” International Journal Web Service Res., 2008, pp.20-43.
47 Tim Moses, Entrust Inc., “eXtensible Access Control Markup Language (XACML) Version 2.0,” OASIS Standard, February 2005, Available at: <
http://docs.oasis-open.org/xacml/2.0/access_control-xacml-2.0-core-spec-os.pdf
>.
148
48 S. Cantor, J. Kemp, R. Philpott, E. Maler, “Security Assertion Markup Language (SAML) V2.0,” OASIS Standard, March 2005, Available at: <
http://saml.xml.org/saml-specifications>.
49 L. Frank, R. Dieter, “Production Workflow: Concepts and Techniques,” Prentice Hall, 1999, ISBN: 978-0-130-21753-0, Chap.3.
52 “Apache ODE (Orchestration Director Engine),” Apache Software Foundation, Available at: <http://ode.apache.org/>.
53 “Apache Axis2/Java,” Apache Software Foundation, Available at:
<http://axis.apache.org/axis2/java/core/>.
54 “Sun's XACML Implementation,” Sun Microsystems, Inc., Available at:
<http://sunxacml.sourceforge.net/>.
55 “Eclipse Technology Project: BPEL Designer Project,” Eclipse Foundation, Available at: <http://www.eclipse.org/bpel/>.
56 J. Hunter, “JDOM Project,” Available at: <http://www.jdom.org/>.
57 A.H. Karp, H. Haury, and M.H. Davis, “From ABAC to ZBAC: the Evolution of Access Control Models,” tech. report HPL-2009-30, HP Labs, February 2009.
58 E. C. Cheng, “An Object-Oriented Organizational Model to Support Dynamic Role-based Access Control in Electronic Commerce Applications,” vol. 8, Thirty-second Annual Hawaii International Conference on System Sciences, vol.
8, 1999, pp.8022.
59 A. D. Ali and K. Chitra, “Modelling Access Control with Dynamic Role Binding,” Computational Intelligence and Modern Heuristics, InTech, February 2010, ISBN: 978-953-7619-28-2.
60 H. Yao, H. Hu, B. Huang and R. Li, “Dynamic Role and Context-Based Access Control for Grid Applications,” Sixth International Conference on Parallel and Distributed Computing Applications and Technologies (PDCAT'05), 2005, pp.404-406.
61 P. Balbiani, Y. Chevalier and M. E. Houri, “A Logical Approach to Dynamic Role-Based Access Control”, Proc. AIMSA, 2008, pp.194-208.
62 E. Bertino, J. Crampton, and F. Paci, “Access Control and Authorization Constraints for WS-BPEL,” in International Conference on Web Services
149
(ICWS), 2006, pp. 275-284.
63 C. Emig, F. Brandt, S. Abeck, J. Biermann, and H. Klarl, “An Access Control Metamodel for Web Service-Oriented Architecture,” in International Conference on Software Engineering Advances (ICSEA), 2007.
64 A. Kumar, P. Barthelmess, and J. Wainer, “W-RBAC-A workflow security model incorporating controlled overriding of constraints,” Relation, vol. 10, no.
1.37, p. 9582, 2001.
65 M. Leitner, S. Rinderle-Ma, and J. Mangler, “AW-RBAC: Access Control in Adaptive Workflow Systems,” in 2011 Sixth International Conference on Availability, Reliability and Security (ARES), 2011, pp. 27-34.
66 J. Mendling, K. Ploesser, and M. Strembeck, “Specifying Separation of Duty Constraints in BPEL4People Processes,” in Business Information Systems, 2008, pp. 273-284.
67 S. Tai, T. Mikalsen, E. Wohlstadter, N. Desai, and I. Rouvellou, “Transaction policies for service-oriented computing,” Data & Knowledge Engineering, vol.
51, no. 1, pp. 59-79, Oct. 2004.
68 E. Yuan and J. Tong, “Attributed Based Access Control (ABAC) for Web Services,” in Web Services, IEEE International Conference on, Los Alamitos, CA, USA, 2005, vol. 0, pp. 561-569.
69 G. Zhang and M. Parashar, “Context-aware Dynamic Access Control for Pervasive Applications”, Proc. of the Communication Networks and Distributed Systems Modeling and Simulation Conference, Jan. 2004 , pp.
21-30.
70 A. Corradi, R. Montanari and D. Tibaldi, “Context-based Access Control for Ubiquitous Service Provisioning”, Proc. of the 28th Annual International Computer Software and Applications Conference, vol.1, Sep. 2004, pp.444-451.
71 X. Feng, X. Jun, H. Hao and X. Li, “Context-Aware Role-Based Access Control Model for Web Services”, Proc. of the Grid and Cooperative Computing Workshops, Sep. 2004, pp.430-436.
72 S. Haibo and H. Fan, “A Context-Aware Role-Based Access Control Model for Web Services”, IEEE International Conference on e-Business Engineering, Oct.
2005, pp.220-223.
73 R. J. Hulsebosch, A. H. Salden, M. S. Bargh, P. W. G. Ebben and J. Reitsma,
“Context Sensitive Access Control”, Proc. of the tenth ACM symposium on Access control models and technologies, Jun. 2005, pp.111-119.
74 H. Yao, H. Hu, B. Huang and R. Li, “Dynamic Role and Context-Based Access Control for Grid Applications”, International Conference on Sixth Parallel and Distributed Computing, Applications and Technologies, Dec. 2005, pp.404-406.
150
75 S.S. Yau, Y. Yao and V. Banga, “Situation-Aware Access Control for Service-Oriented Autonomous Decentralized Systems”, Proc. of Autonomous Decentralized Systems, Apr. 2005, pp.17-24.
76 A. Toninelli, R. Montanari, L. Kagal and O. Lassila, “A Semantic Context-Aware Access Control Framework for Secure Collaborations in Pervasive Computing Environments”, 5th International Semantic Web Conference, Nov. 2006, pp.473-486.
77 A. Samuel, A. Ghafoor and E. Bertino, “Context-Aware Adaptation of Access-Control Policies”, Internet Computing, IEEE, vol.12, issue 1, Feb. 2008, pp.51-54.
78 Theo H, and Andreas R. Principles of Transaction-Oriented Database Recovery.
ACM Computing Surveys 1983, 15 (4): 287–317. DOI: 10.1145/289.291.
79 Philip AB, Vassos H, Nathan G. Concurrency Control and Recovery in
Database Systems. Addison Wesley Publishing Company, ISBN 0-20110-715-5,
1987.80 Philip B, and Nathan G. Concurrency Control in Distributed Database Systems.
ACM Computing Surveys 1981, 13 (2): 185-221. DOI: 10.1145/356842.356846.
81 Michael B. Service-Oriented Modeling (SOA): Service Analysis, Design, and
Architecture. Wiley & Sons, ISBN: 978-0-470-14111-3, 2008.
82 M. P. Papazoglou. Web Services: Principles and Technology. Prentice-Hall, ISBN: 978-0-321-15555-9, 2007.
83 D. Jordan and J. Evdemon. Web Services Business Process Execution Language (BPEL) Version 2.0. http://docs.oasis-open.org/wsbpel/2.0/wsbpel-v2.0.html, April, 2007.
84 G. Alonso, D. Agrawal, A.E. Abbadi, M. Kamath, R. Gunthor, and C. Mohan, Advanced Transaction Models in Workflow Contexts. Proceedings of the
Twelfth International Conference on Data Engineering. (ICDE’96), Washington,
DC, USA, 1996, 574-581.85 Coulouris, G., Dollimore, J., and Kindberg, T. Distributed Systems: Concepts
and Design (3rd Edition). Addison Wesley Publishing Company, ISBN
0-20161-918-0, 2000.86 G. H. Hwang, Y. C. Lee, and B. Y. Wu, A Flexible Failure-Recovery Model for Workflow Management Systems. International Journal of Cooperative
Information Systems 2005, 14 (1): 1-24. DOI:10.1142/S0218843005000992.
87 Hector GM and Kenneth S. SAGAS. Proceedings of the 1987 ACM SIGMOD
international conference on Management of data (SIGMOD), Dec. 1987. New
York, NY, 1987, 249-259.88 Gerhard W. and Hans-J. S. Concepts and Applications of Multilevel
151
Transactions and Open Nested Transactions,” In A. Elmagarmid (ed.):
Database Transaction Models for Advanced Applications. Morgan Kaufmann
Publishers, pp. 515-553, 1992.89 Hector Garcia-Molina, Using Semantic Knowledge for Transaction Processing in a Distributed Database. ACM TODS, Vol. 8, No. 2, 1983, 186-213.
90 Nancy A. Lynch, Multilevel Atomicity – A New Correctness Criterion for Database Concurrency Control. ACM Transactions on Database Systems, 8 (4), 1983, 484-502.
91 Gerhard Weikum and Hans-J. Schek, Architectural Issues of Transaction Management in Multi-Layered Systems. Proc. Int’l Conf. Very Large Databases
(VLDB ’84), 1984, 454-465.
92 S. Choi, H. Jang, H. Kim, J. Kim, S. Kim, J. Song, and Y. Lee, Maintaining Consistency under Isolations Relaxation of Web Services Transactions. Proc.
Int’l Conf. Web Information Systems Eng. (WISE’05), 2005, 245-257.
93 Alrifai M., Dolog P., Balke W.-T., and Nejdl W, Distributed Management of Concurrent Web Service Transactions. IEEE Transactions on Services
Computing, 2 (4), pp. 289-302, 2009.
94 Donald Nute, Defeasible reasoning. In Proc. 20th Hawaii International
Conference on System Science, pages 470–477. IEEE Press, 1987.
95 Michael Covington, Donald Nute, and A. Vellino, Prolog Programming in
Depth. Prentice Hall, 1997.
96 Governatori, Guido, ter Hofstede, Arthur H. M. and Oaks, Philippa, Is Defeasible Logic Applicable? The 2nd Australasian Workshop on
Computational Logic, Gold Coast, Queensland, Australia, (47-62), 2001.
97 Michael A. C. Defeasible Logic on an Embedded Microcontroller. Journal
Applied Intelligence, Volume 13, Issue 3, 2000.
98 Leland L. Beck, An Introduction to Systems Programming. Third Edition.
Addison Wesley Publishing Company, ISBN 0-201-42300-6, 1997.
99 Oracle Corporation. Oracle VM VirtualBox. https://www.virtualbox.org/.
100 Andrew Rock. Deimos: Query Answering Defeasible Logic System.
http://www.ict.griffith.edu.au/arock/defeasible/Defeasible.cgi.
101 The Haskell Programming Language.
http://www.haskell.org/haskellwiki/Haskell.
102 Sheng Liang. The Java Native Interface (Programmer's Guide and Specification). http://java.sun.com/docs/books/jni/html/titlepage.html.
103 Abraham Silberschatz, Peter Baer Galvin, and Greg Gagne. Operating System
Concepts. John Wiley & Sons, ISBN: 0471417432, 6th Edition (June 26, 2001).
104 Anne Dinning, A Survey of Synchronization Methods for Parallel Computers.
152
IEEE Computer, July 1989.
105 K. Haller, H. Schuldt, and C. Türker, Decentralized coordination of transactional processes in peer-to-peer environments. 14th International
Conference on Information and Knowledge Management (CIKM), Bremen,
Germany, October 31st - November 5th, 2005, 28-35.106 OASIS Web Service Coordination (WS-Coordination).
http://docs.oasis-open.org/ws-tx/wscoor/2006/06, 2007.
107 OASIS Standard - Web Services Business Activity (WS-BusinessActivity), Version 1.1. http://docs.oasis-open.org/ws-tx/wstx-wsba-1.1-spec-os.pdf [16 April 2007].
108 D. Georgakopoulos, M. Hornick and A. Sheth, “An overview of workflow management: from process modeling to workflow automation infrastructure,”
Distributed and Parallel Databases, vol. 3, issue 2, pp. 119–153, April 1995.
109 WFMC, “Workflow Management Coalition Workflow Standard: Workflow Process Definition Interface – XML Process Definition Language (XPDL) (WFMCTC- 1025),” Technical report, Workflow Management Coalition, Lighthouse Point, Florida, USA, 2002.
110 OASIS, “Web Services Business Process Execution Language (WSBPEL),”
http://docs.oasis-open.org/wsbpel/2.0/OS/wsbpel-v2.0-OS.html, OASIS Standard, April 2007.
111 W.M.P. van der Aalst, and A.H.M. ter Hofstede, “YAWL: yet another workflow language,” Information Systems, vol. 30, issue 4, pp. 245–275, 2005.
112 “JaWE - Java Workflow Editor,” http://www.together.at/prod/workflow/twe.
113 OMG “Business Process Model And Notation (BPMN),”
http://www.omg.org/spec/BPMN/2.0/, Object Management Group, January 2011.
114 “Eclipse BPEL Designer Project,” http://www.eclipse.org/bpel/.
115 “Google Docs,” https://docs.google.com/.
116 “Google Calendar,” https://calendar.google.com/.
117 “Workflow Patterns Home Page,” http://www.workflowpatterns.com.
118 “Google Forms,” https://docs.google.com/forms/.
119 P. M. Sant, “Exclusive read, exclusive write,” in Dictionary of Algorithms and Data Structures, Paul E. Black, ed., U.S. National Institute of Standards and Technology. December 17, 2004.
120 F. Casati, S. Ceri, S. Paraboschi, and G. Goodman, “Concurrency Control and Recovery in Database Systems,” Addison Wesley Publishing Company, 1987, ISBN 0-201-10715-5.
121 Chi Wu-Lee and Gwan-Hwan Hwang, “Workflow Definition by Cloud
153
Collaboration,” Chi Wu-Lee and Gwan-Hwan Hwang, Technical Report,
National Taiwan Normal University, 2013.
http://www.csie.ntnu.edu.tw/~ghhwang/TR/CLWfDL_Technical_Report_2013_
08_06.pdf
122 F. Casati, S. Ceri, S. Paraboschi, and G. Pozzi, “Specification and implementation of exceptions in workflow management systems,” ACM Transactions on Database Systems, 24(3): 405-451, 1999.
123 B. Kiepuszewski, A. H. M. ter Hofstede, and C. Bussler, “On Structured Workflow Modelling,” The 12th International Conference on Advanced Information Systems Engineering (CAiSE), LNCS 1789, pp. 431-445, 2000.
124 Control Data Corporation, “ALGOL-60 version 5 reference manual,” CDC,
127 “JBoss, jBPM, jPDL,” http://www.jboss.org/jbpm/.
128 “YAWL System,” http://www.yawlfoundation.org/.
129 R. Vegesna, “Collaboration in Context: From the Desktop to the Cloud,” The
129 R. Vegesna, “Collaboration in Context: From the Desktop to the Cloud,” The