Академический Документы
Профессиональный Документы
Культура Документы
Abstract – The aim of this paper is to solve solution has been developed in accordance with
the problems related to integrity, security, business policies, rules and regulations, so the
authenticity and non-repudiation of prevalent requirement of Business Process Reengineering
ERP based e-business application solution in (BPR) is negligible [1]. Concept mapping
Indian perspective. Traditional approaches and technique has been used to enhance the design
methodologies for implementing e-business aspect of workflow management system.
solution have rarely achieved the requisite
solution to the above problems even with the The implementation is a significant step
role based access control system. We have forward towards the development of a low-cost,
explored a methodology which emphasizes user friendly solution having the movement of
authentication in e-business with design of digital files duly signed electronically, using
intelligent system. It ambitiously replaces the Digital Signature based on PKCS #12
present day written signature authentication standards, in a hierarchical system.
process with digital signatures having full
compliance to integrity, security, authenticity II. OBJECTIVE
and non-repudiation. The design also models The prime objectives of the proposed model
in-depth functionalities, audit trail and keeps was to develop e-business solution with the
track of evidences of document tampering from following benefits:
any sources after the digital signature is placed To computerize each and every processes of the business.
in the system. The model is implemented
successfully and is found to be at par with the To improve efficiency, consistency and effectiveness of
prevalent written signature authentication business processes.
system. We outline the plausible future work to
model it for e-Governance system in Indian To reduce turnaround time.
perspective. To provide effective resource management to improve the
quality of administration.
Keywords: e-business; security; open-source;
e-commerce; digital signature; ERP To reduce processing delays.
350
view and passes it to the model for various subtasks constituting the
appropriate actions. After the action process. Workflow provides a
has been taken the controller is common representation of subtask’s
responsible for directing the structure among the actors involved
appropriate view to the user. in the process.
350
and subtask from department to department to electronic signature technologies do not address
achieve intended status. the integrity of the digital signature itself. Our
model addresses to this problem by encrypting
There must be a task manager mechanism
the digital signature itself by password
which generates the tasks, splits them into
protected private key of the signer. When the
subtasks, assigns status to the tasks, subtask and
document is received by the intended recipient
coordinates the sending and receiving of the
it decrypts the digital signature by using public
tasks from department to department and among
key of the sender. Thus the sender of the
the users of the same department. This sending
document is bound to the contents of the
and receiving of the task is associated with the
document. This addresses the authenticity of the
system generated pdf reports and approval note-
signer. The user enters the system with his/her
sheets to be digitally signed. This is the locus of
password and then only he is able to download
the entry of the application of digital signature
the document to be digitally signed with time-
to digitally sign the system generated reports.
stamping. After he/she puts his/her digital
Such reports are digitally preserved in the
signature on the document, he/she forwards it to
system for future use. The reports here imply
the next level of hierarchy. During forwarding,
any kind of MIS model, documents, forms etc.
the system validates if the UID of the digital
The top down approach is to be assumed signature is bound to the user which, in turn,
during the process modeling, a candidate work gives solution to the problem of nonrepudiation.
flow task as resulted from analysis phase is now The signing and verification process is as
decomposed into subtasks. A set of described in Section III (A) that keeps the
decomposition criteria to be considered are: integrity and security of the document intact.
Subtasks must add status and value to the process.
C. Key Management
Subtask improves readability and
The digital signature solution imbibed in the
understanding the design documents. system uses Public Key Infrastructure (PKI)
Modularization of subtask with concept for the management of complete
development. Each subtask must not have 4-5 simpler of digital signature. The key
ecosystem
tasks. management system has a software module
Flexible. which functions as Certificate Authority (CA)
High cohesion, low coupling. that issues and verifies the digital certificates.
Our solution uses control aspect model for There is a Registration Authority (RA) which
designing the workflow. verifies the identity of the individual and
ensures that the public key is bound to the
3) Implementation: Implementing a individual to which CA has issued digital
workflow for a complex business system and certificate. Fig. 2 depicts the process.
integrating it with an existing legacy
information system requires a specific approach A secured central repository is maintained in
to have expected benefits and seamless the system which is used for validating the key-
execution. The development of such a system user binding. The system has a digital certificate
can be used for modeling any work process and policy defined by the competent authority
identify the critical issues which needs to be legally vetted by Legal Advisor. The policy
addressed for improving the process [2-4]. The defines issuance, distribution, validity, number
work process is broken into subtasks with of bits key, signature algorithm used, storage,
corresponding identification code and status. certificate reissuance and revocation rules.
350
representation of the workflow model is Fig. 3. System architecture of the proposed model
provided in Fig. 4.
VI.ADVANTAGES AND
DISADVANTAGES
The following are some of the advantages
and disadvantages of the model:
A. Advantages
Conceptually similar to the existing
manual workflow process.
Improves efficiency, consistency and
effectiveness of business processes.
Reduce turnaround time and processing
delays.
350
Provides high security and effective (BPR). Similar approach can be extended for
resource management to improve the eGovernance system in Indian perspective for
quality of business administration. government offices wherein signed approvals
Establish transparency and accountability. from the competent authority is a mandatory
process.
High cohesion and low coupling model.
Helps in modular development, ACKNOWLEDGMENT
deployment and implementation.
We would like to express the deepest
Reduces the extent of Business Process gratitude to our Executive Director Col. (Retd.)
Reengineering (BPR). A. K. Nath who has the attitude and the
Less paper office. substance of a genius for extending his
Inbuilt digital preservation of digitally technical guidance and persistent help to design,
signed official records. develop and implement the module, without
which this execution would not have been
Easy search and retrieval of the official possible. In addition, we thank all the team
documents. mates who made full effort to develop and
implement the model successfully.
B. Disadvantages Lack of flexibility to handle
exceptional situations out of the normal REFERENCES
workflow. [1] A.I. Anton, W.M. McCracken and C. Potts, “Goal
decomposition and scenario analysis in business
process reengineering”, in Proceedings of the 6th
VII. CONCLUSION International Conference on Advanced Information
The design, development and Systems Engineering, CAiSE’94, Utrecht, The
implementation of the above described model Netherlands, June 6-10, 1994..
has encompassed efficiency, consistency, [2] Medina-Mora, T. Winigrad, R. Flores and F. Flores,
accountability and transparency in the business “The Action Workflow Approach to Workflow
Management Technology”, In Proceedings of the
processes. As the modules are highly cohesive 1992 ACM conference on Computer-supported
with low coupling nature, incremental cooperative work, CSCW ’92, Toronto, Canada,
development and deployment of the modules ISBN 0-89791-542-9, pp 281-288.
can be carried out easily. The application of [4] Wil M.P. van der Aalst, Mathias Weske and Guido
digital signature has made the solution secure, Wirtz, “Advanced Topics in Workflow
authentic and accountable. It is advisable to Management: Issues, Requirements, and Solutions”,
Journal of Integrated Design and & Process Science,
have detailed study of the existing workflow Vol. 7, Issue 3, pp 4977, August 2003.
model before the designing phase. This reduces
[5] Adobe Systems, PDF-Reference 1.7,2006.
the need of Business Process Reengineering
[6] Adobe Systems, PDF 320001:2008.
[3] S. Jablonski and C. Bussler, Workflow Management: Modeling Concepts, Architecture and Implementation,
International Thomson Computer Press, 1996.
350