pe-bpmn-editor_restrictions
Differences
This shows you the differences between two versions of the page.
| Both sides previous revision Previous revision Next revision | Previous revision | ||
|
pe-bpmn-editor_restrictions [2018/04/20 05:17] admin |
pe-bpmn-editor_restrictions [2020/03/17 18:21] (current) pullonen [Type Checking] |
||
|---|---|---|---|
| Line 19: | Line 19: | ||
| The stereotypes have specific integrity constraints that should be followed for the privacy model to be | The stereotypes have specific integrity constraints that should be followed for the privacy model to be | ||
| syntactically correct. They require inputs and generate outputs that need to be consistent to capture the | syntactically correct. They require inputs and generate outputs that need to be consistent to capture the | ||
| - | meaning of the stereotyped activity. For instance, [[pe-bpmn-editor_pkencrypt|PKEncrypt]] requires an input of data in plaintext and a publicKey and results in a ciphertext, encryptedData . We expect that the public key input to [[pe-bpmn-editor_pkencrypt|PKEncrypt]] is fixed as [[pe-bpmn-editor_pkpublic|PKPublic]] . In addition, for many stereotypes we also need to verify that the input is indeed of the type claimed on the model. e.g. that an input to [[pe-bpmn-editor_pkdecrypt|PKDecrypt]] has indeed come from [[pe-bpmn-editor_pkencrypt|PKEncrypt]] or [[pe-bpmn-editor_pkcomputation|PKComputation]] and is a ciphertext. Under each stereotype it is described the input and output types that the tasks expect and it can be used as a reference to see which sequences of stereotypes are valid on the model. The label data can apply to any data object on the model meaning that there are no restrictions on the inputs and the output is treated as having no protection mechanism. For [[pe-bpmn-editor_pkdecrypt|PKDecrypt]] we also require that the private key (of type [[pe-bpmn-editor_pkprivate|PKPrivate]] ) that is used to decrypt forms a key pair with the public key (of type [[pe-bpmn-editor_pkpublic|PKPublic]] ) that was used to initially encrypt the data. For computations of [[pe-bpmn-editor_pkcomputation|PKComputation]] type we expect that all ciphertext inputs correspond to encryptions using the same public key and the output is then also considered to use the same key. | + | meaning of the stereotyped activity. For instance, [[pe-bpmn-editor_pkencrypt|PKEncrypt]] requires an input of data in plaintext and a publicKey and results in a ciphertext, encryptedData . We expect that the public key input to [[pe-bpmn-editor_pkencrypt|PKEncrypt]] is fixed as [[pe-bpmn-editor_pkpublic|PKPublic]] . In addition, for many stereotypes we also need to verify that the input is indeed of the type claimed on the model. e.g. that an input to [[pe-bpmn-editor_pkdecrypt|PKDecrypt]] has indeed come from [[pe-bpmn-editor_pkencrypt|PKEncrypt]] or [[pe-bpmn-editor_pkcomputation|PKComputation]] and is a ciphertext. Under each stereotype it is described the input and output types that the tasks expect and it can be used as a reference to see which sequences of stereotypes are valid on the model. The label data can apply to any data object on the model meaning that there are no restrictions on the inputs and the output is treated as having no protection mechanism. For [[pe-bpmn-editor_pkdecrypt|PKDecrypt]] we also require that the private key (of type [[pe-bpmn-editor_pkprivate|PKPrivate]] ) that is used to decrypt forms a key pair with the public key (of type [[pe-bpmn-editor_pkpublic|PKPublic]] ) that was used to initially encrypt the data. For computations of [[pe-bpmn-editor_pkcomputation|PKComputation]] type we expect that all ciphertext inputs correspond to encryptions using the same public key and the output is then also considered to use the same key. For example, [[https://pleak.io/app/#/view/OvtURrrgJkVs-jddS3Hx |this model]] is mixing up the keypairs and gives an error when PE-BPMN analysis is attempted. |
| In short, it can be said that the protection mechanism (or protection type task) on the model limits the | In short, it can be said that the protection mechanism (or protection type task) on the model limits the | ||
| correct processing of the protected data and can define parameters that need to be checked in computation | correct processing of the protected data and can define parameters that need to be checked in computation | ||
| - | or opening phases. There are also conditions that need to hold for the opening stereotypes to make protected data public or for the computation stereotypes to be able to perform the computations and these aro also described under each stereotype. | + | or opening phases. There are also conditions that need to hold for the opening stereotypes to make protected data public or for the computation stereotypes to be able to perform the computations and these are also described under each stereotype. |
| ===== Grouped Stereotypes ===== | ===== Grouped Stereotypes ===== | ||
| Line 43: | Line 43: | ||
| tasks) in models with gateways when we have no start event to begin the check from. | tasks) in models with gateways when we have no start event to begin the check from. | ||
| - | Validation results are reported as a list of errors (colored red) and warnings (colored orange) or as | + | Validation results are reported as a list of errors (coloured red) and warnings (coloured orange) or as |
| a success message "Passed validation". | a success message "Passed validation". | ||
pe-bpmn-editor_restrictions.1524190626.txt.gz ยท Last modified: 2019/10/01 13:53 (external edit)
Page Tools
