Title Method and a system for secure execution of workflow tasks in a distributed workflow management system within a decentralized network system
Abstract There are provided a method, a system and an initiator server for a secure execution of workflow tasks of a workflow to be executed according to a given execution pattern in a distributed workflow management system within a decentralized network system with a plurality of servers (b_0, b_1, ..., b_n) including at least an initiator server and at least a number of groups of servers of the plurality of servers. Each group satisfies a policy (pol_i) of a vertex, and thus knows a corresponding policy key pair including a policy private key (SK_pol_i) and a policy public key (PK_pol_i), respectively. Each vertex denotes a set of workflow tasks to be executed in accord with the execution pattern and is assigned a vertex key pair including a vertex private key and a vertex public key. The vertex private keys and the policy public keys are jointly encrypted within a first onion structure, the first onion structure being built up of a number of onion layers representing the execution pattern, which defines a succession of vertices, such that each layer is decryptable by using the policy private key of exactly one vertex, thus revealing the corresponding vertex private key.
Publication number US9047490(B2) Publication date 2015.06.02
Application number US200812098012 Filing date 2008.04.04
Applicant SAP SE Inventors Montagut Frederic; Gomez Laurent; Hebert Cedric; Ulmer Cedric
Classification G06F15/16; G06F21/64; G06F21/62 Main classification G06F15/16
Agent Fish & Richardson P.C. Attorney Fish & Richardson P.C.
Main claim 1. A method for a secure execution of workflow tasks of a workflow to be executed according to an execution pattern in a distributed workflow management system within a decentralized network system with a plurality of servers (b_0, b_1, ..., b_n) including at least an initiator server and at least one or more groups of servers, the execution pattern being stateless such that, upon completion of required workflow tasks, each server sends all workflow data to a next server and is able to go offline during a remainder of the execution pattern, the initiator server executing a first set of the workflow tasks, each of the one or more groups of servers satisfying a policy (pol_i) of a vertex (v_i), and thus knowing a corresponding policy key pair including a policy private key (SK_pol_i) and a policy public key (PK_pol_i), wherein each vertex (v_i) denotes a set of workflow tasks to be executed in accordance with the execution pattern and is assigned a vertex key pair including a vertex private key (SK_i) and a vertex public key (PK_i), and wherein vertex private keys and policy public keys are jointly encrypted within a first onion structure (O_d), the first onion structure (O_d) being built up of a number of onion layers representing the execution pattern that defines a succession of vertices such that each onion layer is decryptable by using the policy private key of exactly one vertex (v_i), thus revealing a corresponding vertex private key (SK_i), the method comprising, starting at an i'th server, the i'th server being different than the initiator server, being a server of one of the one or more groups of servers, and being assigned at runtime based on a service discovery mechanism in accordance with the execution pattern to execute one vertex of the workflow, the policy comprising credentials the i'th server satisfies in order to be assigned to a respective vertex, called herein the i'th vertex, at least the following operations: receiving, over a network at the i'th server, the first onion structure (O_d) with an outermost layer including an i'th vertex private key (SK_i) and encrypted with an i'th policy public key (PK_pol_i); receiving, over the network at the i'th server, the workflow originating from the initiator server, the workflow including all of the workflow data, wherein all of the workflow data includes a subset of workflow data encoded by an i'th vertex public key (PK_i); decoding, at the i'th server, the i'th vertex private key (SK_i) by using a known i'th policy private key (SK_pol_i); decoding, at the i'th server, the workflow data encoded by the i'th vertex public key (PK_i) from the workflow by using the i'th vertex private key (SK_i); processing, at the i'th server, a second onion structure (O_p_{i-1}) to verify an integrity of the workflow data, the second onion structure (O_p) being built at each execution step with vertex private keys based on the execution pattern and being initialized by the initiator server, so that the i'th server (b_i) receives the second onion structure (O_p_{i-1}) with (i−1) layers and encodes the second onion structure (O_p_{i-1}) to provide the extended second onion structure (O_p_i) by encrypting an upper layer with the i'th vertex private key (SK_i) to extend the second onion structure (O_p_{i-1}) up to i layers sent to at least one (i+1)'th server as one server of the one or more groups of servers satisfying a policy (pol_{i+1}) of an (i+1)'th vertex (v_{i+1}) as the next vertex in the succession of vertices upon completion of the i'th vertex; encoding, at the i'th server, the second onion structure (O_p_{i-1}) to provide an extended second onion structure (O_p_i); based on verifying, executing the i'th vertex (v_i) and processing, at the i'th server, decoded workflow data accordingly; updating, at the i'th server, the workflow according to an executed i'th vertex (v_i) and processed workflow data to provide an updated workflow; assigning at least one (i+1)'th server of one of the one or more groups of servers based on the service discovery mechanism in accord with the execution pattern; and sending the updated workflow, a partly decoded first onion structure (O_d), and the extended second onion structure (O_p_i) to the at least one (i+1)'th server, the (i+1)'th server being a server of one of the one or more groups of servers satisfying a policy (pol_{i+1}) of an (i+1)'th vertex (v_{i+1}) as a next vertex in the succession of vertices.
Address Walldorf DE