Towards security in decentralized workflows

In decentralized workflows no single point of control exists, instead, the workflow specification itself travels from service to service. Every service must thus be able to understand, process and forward a token called a process slip. Such a process slip is a digital representation of what is traditionally used in paper-based workflows. In previous work we have sketched a workflow execution mechanism which involves the usage of a digital process slip. However, there we have only described possible techniques which can guarantee the secure execution of a workflow in a distributed environment but it is not clear yet how cryptographic operations have to be applied to it in order to actually fulfill the security requirements. In this paper we give an example how this mechanism can be applied to an example scenario of booking and accounting a business trip. We will also demonstrate how our container can be used for specifying step-based policy rules and how additional security properties such as traceability and anonymity can be ensured.