Security-Oriented Workflows for the Social Sciences

R. Sinnott, Sardar Hussain

2010 Fourth International Conference on Network and System Security, published 2010-09-01. DOI: 10.1109/NSS.2010.72 (https://doi.org/10.1109/NSS.2010.72)

Citations: 7

Abstract

The service-oriented computing paradigm and its application to support e-Infrastructures offers, at least in principle, the opportunity to realise platforms for multi- and inter-disciplinary research. Augmenting the service-oriented model for e-Research are mechanisms for services to be coupled and enacted in a coordinated manner through workflow environments. Typically workflows capture a research process that can be shared and repeated by others. However, existing models of workflow definition and enactment assume that services are directly available and can be accessed and invoked by arbitrary users or enactment engines. In more security-oriented domains, such assumptions rarely hold true. Rather in many domains, service providers demand to be autonomous and define and enforce their own service / resource access control using locally defined policy enforcement points (PEP) and policy decision points (PDP) which allow access and usage of resources to be strictly monitored and enforced. In this paper, we outline how it is possible to support security-oriented workflow definition and enactment through chaining of PDPs to support “workflow-oriented” access control. To demonstrate this, we focus on a case study taken from the Economic and Social Science Research Council (ESRC) funded Data Management through e-Social Science (DAMES – www.dames.org.uk) project in the area of depression, self-harm and suicide.