Implementing Timed Petri Net in Security Information Systems

Abstract

A security information system is subject to the secrecy constraints and structural requirements of the current information being processed. Secrecy constraints characterize information based on its sensitivity. Structural requirements concern information processing controls which are dependent on context of the workflow. A workflow is a representation of an information process and is comprised of a set of tasks and a set of dependencies between the tasks. Dependencies fall into two broad categories: those determined by the order of task execution and those determined by secrecy constraints. A task is regarded as a set of timed Petri net components which have the ability to specify and verify time constraints in a workflow. The purpose of this paper is to investigate the possible use of the timed Petri net as a dynamic security protection mechanism in a security information system. The conclusion suggests a possible direction for further research.