| As the product of the combination of workflow management technology and mobile agent technology, migrating workflow technology can automatic handle the business processes. Migrating Workflow system is more flexible, intelligent and efficient. Currently it has been applied to many fields, such as e-commerce.In migrating workflow system, the security issues cannot be ignored. Especially the introduction of mobile agent technology makes the security problems in migrating workflow more difficult to solve. In migrating workflow system, the security issues between migrating instance and workplace is a new field that has never seen before. As the carrier of task, migrating instance migrate and execute in the workplace. All tasks of migrating instance need to be completed by the workplace, so the workplace masters the migrating instance fully. Therefore, threats migrating instance faces are most and difficult. If security problems are not solved, the migrating workflow is difficult to apply to practice. Traditional security studies generally tend to use the detection method protect migrating instance, and these methods are passive. Risk assessment should be added to the protection for migrating instance. So we can advance understanding of the security situation and potential risks. Currently, the study of risk assessment for migrating workflow is rare and far from perfect.This paper proposes the idea that uses the risk assessment to protect migrating instance. Risk assessment is a prior and positive protection method. It can advance understand the risk and the loss after risk occurs in the system, so the subject to be protected can avoid risk. The risk assessment for migrating instance also can provide the basis for the security strategy. Ideal result of risk assessment can enhance our confidence in the safety of the system. The paper analyzes the threats that exist in migrating workflow system. We applied the risk assessment technology to the security study of migrating workflow and use the risk assessment method protects the migrating instance. This paper proposes the risk assessment model for migrating instance, including risk assessment factors relation model, risk assessment process model and risk assessment calculation model. Then we design the risk assessment method for migrating instance and give a detailed description of all steps in this method including the preparations, assets identification, vulnerability identification, threat identification, risk calculation and risk treatment. Considering the continuous occurrence of threats, we propose a new formula to calculate the severity of threats. And the new formula can describe the threats more accurately.Based on the risk assessment method we proposed, we improve the migrating workflows systems of our laboratory by adding contents of risk assessment. Finally we verify the risk assessment method by simulation. The result shows that risk assessment method for migrating instance can predict risk and ensure the safety of migrating instance. |
