Fair' Bpel Processes Transaction Using Non-repudiation Protocols

Abstract

The single most important invention that has completely revolutionized how business transactions are conducted is the internet. The fast paced technological advancement of web services standards and its tools have transformed the world wide web from information sharing platform to an extremely powerful and open ecosystem of e-services that not only delivers the information but also provide decision support, transactions and applications. There is a need for powerful protocols to achieve universal interoperability among web services and to provide a fair and secure and accountable environment. BPEL provides a language for the formal specification of business processes and business interaction protocols. In business transactions Non-repudiation is a serious and troublesome security issue in which any involved party denies having participated in a transaction. In this thesis - we propose and verify novel non-repudiation protocol specification in BPEL. We model non-repudiation protocols in BPEL and analyze those using Petri Nets. We also propose new Non-repudiation protocols for chain-linked business transactions. In a business transaction there may be more then one recipient and different messages to each of them. We therefore also propose protocols for multiple recipients. We show that the proposed protocols meet the security requirements and are terminated when anyone of the transactions fails, without losing fairness. Our proposed protocols fulfill the requirements of security, fairness, protection and timeliness in different scenarios. Computation load of originator and trusted third party are also reduced using these approaches. These protocols are modeled as Color Petri Nets to verify the reliability of the protocols. BPEL processes have been specified using these protocols.