Jan Kubovy

Business Process Management for Knowledge Work: Considerations on Current Needs, Basic Concepts and Models

The portion of knowledge work is steadily increasing in today’s working environments in western societies. This needs to be respected in the supporting IT systems. Starting with the characteristics of knowledge work and the resulting needs of knowledge workers, we present and compare two current standardization efforts in area of Business Process Management (BPM) by the OMG—the Business Process Model and Notation (BPMN) and the Case Management Model and Notation (CMMN). We argue that a hybrid approach will not suffice in the future, but that there is rather a strong need for full integration.

How the Semantic Model Can Be Used

In this chapter, we discuss the advantages and possible uses of a formal semantic model of a business process modelling language like the one presented in Chap. 4.

Refinement of BPMN 2.0 Inclusive and Complex Gateway Activation Concept Towards Process Engine

This paper presents a possible refinement of Business Process Model and Notation (BPMN) Gateway activation concept for non-event-based gateways. The core refinement is the concrete formal definition of upstream token concept and calculation of the enabledness of an inclusive gateways (or also Or-Join) using modified Dijkstra’s algorithm. The introduced algorithm for upstream token calculation considers also situations where two or more gateways are mutually dependent.

A Formal Description of the ITIL Change Management Process Using Abstract State Machines

We suggest formalising Information Technology Infrastructure Library (ITIL) processes using the Business Process Model and Notation (BPMN) and the Abstract State Machine (ASM) method. We describe the benefits of our approach as well as the necessary prerequisites. We argue that such a formalisation will lead to a clearer understanding of the process and a reduction of ambiguity.

A Secure Token-Based Communication for Authentication and Authorization Servers

Today, software projects often have several independent subsystems which provide resources to clients. To protect all subsystems from unauthorized access, the mechanisms proposed in the OAuth2.0 framework and the OpenID Standard are often used. The communication between the servers, described in the OAuth2.0 framework, must be encrypted. Usually, this is achieved using Transport Layer Security (TLS), but administrators can forget to activate this protocol in the server configuration. This makes the whole system vulnerable. Neither the developer, nor the user of the system is able to check whether the communication between servers is safe. This paper presents a way to ensure secure communication between authentication-, authorization-, and resource servers without relying in on a correct server configuration. For this purpose, this paper introduces an additional encryption of the transmitted tokens to secure the transmission independently from the server configuration. Further this paper introduces the Central Authentication & Authorization System (CAAS), an implementation of the OpenId standard and the OAuth2.0 framework that uses the token encryption presented in this paper.

Horizontal Business Process Model Integration

Modelling business processes in general is a complex endeavour, as many different aspects such as the control flow, the management of data, event and message handling, actors and interaction, exception handling, etc. have to be taken into account, all of which require different models. This paper focuses on the horizontal integration of models for control flow, message flow, event handling, interaction, actors, data and exception handling. The method is based on Abstract State Machines (ASMs), which are used to formally define the semantics of each of the individual models. Throughout the process rigorous quality assurance methods will be applied.

Behavior-based Decomposition of BPMN 2.0 Control Flow

The Business Process Model and Notation (BPMN) is a well-established industry standard in the area of Business Process Management (BPM). However, still with the current version 2.0 of BPMN, problems and contradictions with the underlying semantics of the meta-model can be identified. This paper shows an alternative approach for modeling the BPMN meta-model, using behavior-based decomposition. The focus in this paper is on control flow. We use Abstract State Machines (ASM) to describe the decomposition of the merging and splitting behavior of the different BPMN flow node types, such as parallel, exclusive, inclusive and complex, as defined in the BPMN 2.0 standard, resulting in behavior patterns. Furthermore an example for the composition of different gateway types is given using these behavior patterns.

Modelling Semantics with Abstract State Machines

While we deem the Business Process Model and Notation (BPMN) 2.0 standard an important milestone in the evolution of business process modelling , we found numerous ambiguities, gaps and inconsistencies in the semantics described there (even though it claims that “the BPMN execution semantics have been fully formalized” (in version 2.0) [95, p. 10]). If we want to achieve uniform and unambiguous interpretation of models and reliable exchange of models between different tools, we need a consistent and unambiguous description of the semantics. Yet any such description of the semantics still has to be intelligible for a large class of potential readers and users.

A Discussion of BPMN 2.0

The semantic model for the Business Process Model and Notation (BPMN) 2.0 presented in Chap. 4 deviates from the OMG’s standard in several places. In this chapter, we discuss and justify those deviations. Furthermore, we discuss miscellaneous other features of BPMN 2.0 as it is and make further suggestions for improvements. A detailed specification of these further changes in terms of a formal, semantic model for business process diagrams in general will be subject to a separate publication.

Discussion of the Proposed Specification and Outlook

In this chapter, we discuss our approach, including the changes we propose for the Business Process Model and Notation (BPMN) . We further discuss future research work on several extensions to the core language which targets business process diagrams and primarily expresses the flow of activities.