Security-enabled Enactment of Decentralized Workflows

Decentralized enactment of workflows is generally advocated for data intensive scientific applications. This approach offers a number of advantages including avoiding a single (centralized) point of failure, and associated (centralized) performance bottlenecks. However, such services are often assumed to be openly available with little or no security. This is increasingly not the case. Instead organizations and the services they offer require autonomous ways of defining and enforcing their own access control policies supporting fine-grained authorization. Tackling such scenarios raises many issues regarding workflow definition, enactment and potential re-enactment. This research explores the issues related to security-oriented decentralized workflow definition and enactment. The solution is respectful of the need for autonomy of service providers and allows each participating service to define their own access control policies. We also show how different security delivery models can be supported leveraging the pulling and pushing of security credentials.