Towards Authenticity and Privacy Preserving Accountable Workflows


Towards Authenticity and Privacy Preserving Accountable Workflows


David Derler (IAIK, Graz University of Technology), Christian Hanser (IAIK, Graz University of Technology), Henrich C. Pöhls (Institute of IT-Security and Security Law, University of Passau), Daniel Slamanig (IAIK, Graz University of Technology)


Efficient and well structured business processes (and their corresponding workflows) are drivers for the success of modern enterprises. Today, we experience the growing trends to have IT supported workflows and to outsource enterprise IT to the cloud. Especially when executing (interorganizational) business processes on third party infrastructure such as the cloud, the correct execution and documentation become very important issues. To efficiently manage those processes, to immediately detect deviations from the intended workflows and to hold tenants (such as the cloud) accountable in such (decentralized) processes, a mechanism for efficient and accountable monitoring and documentation is highly desirable. Ideally, these features are provided by means of cryptography in contrast to organizational measures.
It turns out that variants of malleable signature schemes, i.e., signature schemes where allowed modifications of signed documents do not invalidate the signature, as well as proxy (functional)signature schemes, i.e., signature schemes which allow the delegation of signing rights to other parties, seem to be a useful tool in this context. In this paper, we review the state of the art in this field, abstractly model such workflow scenarios, investigate desirable properties, analyze existing instantiations of aforementioned signature schemes with respect to these properties, and identify interesting directions for future research.


10th IFIP International Summer School (

Place and Date 

Edinburgh, UK, August 16-21, 2015