Multi-version attack recovery for workflow systems

Meng Yu, Peng Liu, Wanyu Zang

Research output: Chapter in Book/Report/Conference proceedingConference contribution

22 Scopus citations


Workflow systems are popular in daily business processing. Since vulnerabilities cannot be totally removed from a system, recovery from successful attacks is unavoidable. We focus on attacks that inject malicious tasks into workflow management systems. We introduce practical techniques for on-line attack recovery, which include rules for locating damage and rules for execution order. In our system, an independent intrusion detection system reports identified malicious tasks periodically. The recovery system detects all damage caused by the malicious tasks and automatically repairs the damage according to dependency relations. Without multiple versions of data objects, recovery tasks may be corrupted by executing normal tasks when we try to run damage analysis and normal tasks concurrently. We address the problem by introducing multiversion data objects to reduce unnecessary blocking of normal task execution and improve the performance of the whole system. We analyze the integrity level and performance of our system. The analytic results demonstrate guidelines for designing such kinds of systems.

Original languageEnglish (US)
Title of host publicationProceedings - 19th Annual Computer Security Applications Conference, ACSAC 2003
PublisherIEEE Computer Society
Number of pages9
ISBN (Electronic)0769520413
StatePublished - 2003
Event19th Annual Computer Security Applications Conference, ACSAC 2003 - Las Vegas, United States
Duration: Dec 8 2003Dec 12 2003

Publication series

NameProceedings - Annual Computer Security Applications Conference, ACSAC
ISSN (Print)1063-9527


Other19th Annual Computer Security Applications Conference, ACSAC 2003
Country/TerritoryUnited States
CityLas Vegas

All Science Journal Classification (ASJC) codes

  • Computer Networks and Communications
  • Software
  • Safety, Risk, Reliability and Quality


Dive into the research topics of 'Multi-version attack recovery for workflow systems'. Together they form a unique fingerprint.

Cite this