The Security-oriented Workflow Library (SEWOL) provides support for the handling of workflow traces. It allows to specify the shape and content of process traces in terms of entries representing the execution of a specific workflow activity. SEWOL also allows to write these traces on disk. For this it uses a specific file writer for process logs. Currently it supports plain text, Petrify, MXML and XES log file types.
In order to specify security-related context information, SEWOL provides access control models such as access control lists (ACL) and role-based access control models (RBAC). All types of models can be conveniently edited with the help of appropriate dialogues.
This document is a mix of programming tutorial and library documentation, where the features are demonstrated with some visualisations and minimal programming code examples.
The examples in this document have been tested against the SEWOL release version 1.0.0, which can be found at https://github.com/iig-uni-freiburg/SEWOL. This document was last updated on July 29, 2015.
1.1 Library Dependencies
SEWOL builds upon the following tools. To use SEWOL, make sure all these libraries are included in the classpath.
- TOVAL, located at https://github.com/GerdHolz/TOVAL
- JAGAL (Java Graph Library), located at https://github.com/iig-uni-freiburg/JAGAL
- OpenXES, located at http://www.xes-standard.org/openxes/ and enclosed by the SEWOL library
- Spex, located at http://code.deckfour.org/Spex/ and enclosed by the SEWOL library
- Google Guava, located at https://github.com/google/guava
- XStream, located at http://xstream.codehaus.org/
- Jung 2, located at http://jung.sourceforge.net/
1.2 Package Structure
The packages in de.uni.freiburg.iig.telematik.sewol are logically divided into the following sub-packages.
The package accesscontrol defines different access control models like access control lists (ACL) and role-based access control models (RBAC). The sub-package graphic con- tains graphical dialogues to conveniently edit the access control models. The package context contains a data usage context for processes (ProcessContext), which extends TOVAL’s SOABase (list of possible subjects, objects, and activities) by data usage modes (read, write, create, and delete) for activities.
The data structure of workflow traces is defined within the package log. The package format contains the file format definitions for logs in the plain (whitespace-separated lists of activities), Petrify, MXML, and XES file format. These file formats are used by the parsing classes in the package parser and the serializing classes in the package writer. Helper classes can be found in the util package.