August 12, 2020

Decentralization as a tool for securing electronic commerce and business processes

Decentralization of responsibility for data processing has proven effective at significantly reducing the possibility that blockchains, and the infrastructure networks on which they run, can be compromised. The redundant, duplicated data processing and storage in blockchain networks makes them harder to compromise [1-3]. This is because an attacker may need to compromise a significant number of nodes in the network in order to compromise the network as a whole. Compared to the task of compromising the one processing node of a centralized network, the chances of compromising a decentralized network fall significantly as the number of nodes in it increases.

This paradigm can also be applied to technological networks and work processes. This article discusses the potential of bringing the vulnerable tasks of technological processes into a decentralized form, and the possibility of making them harder to compromise in that form.

Many human activities are organized in the form of processes, and in many cases compromise of the intended result of a process leads to some loss of the benefits expected by its participants [4,5]. Recognizing the importance of strengthening business processes, or of making them harder to compromise, in many areas of human activity and industry can have significant consequences. It is even possible that these will surpass the impact that decentralized blockchain technology currently has on the world of financial applications.

1. Preparatory work for the safe management of business processes

Thinking about how to secure business processes and tasks from internal and external threats is far from new [6-10]. Nevertheless, the early practice of business process reengineering [11], and later the practice of business process management [12,13], focused mainly on improving the processes themselves by optimizing them and by reducing redundancy and the time required to perform them. The goal, as a rule, was to provide an increase in cost by reducing the cycle time of the process, not to make the process safer [11-13]. However, the losses that a process may suffer through compromise can be just as significant. This was the impetus for research on integrating security analysis into the business process management (BPM) cycle [6-10].

Neubauer, in his work “Secure Business Process Management: A Roadmap” [6], presented a plan for secure business process management (SBPM), which provides an integrated view of managing business processes in the light of security. Ribeiro [7] presented a procedure for automatically verifying that workflows remain compatible with organizational security policies. In that procedure, the author used workflows defined using the Workflow Description Language (WPDL), together with a security policy expressed in a security policy language (SPL). These tools and approaches allow some entities to integrate or factor security analysis into business process management. However, with the exception of some more mature and formal approaches to BPM that clearly define methods for applying decomposition, optimizing, and reducing repetitive task levels as a means of improving process cycle times, there are few proposals or approaches aimed at improving the security of the overall process or of the performance of a specific task.

In fact, some of the methods taught to young BPM analysts, in particular the removal of several approval levels, may well adversely affect security, even taking into account measures that improve optimization by giving operators tasks of a higher class, along with new incentives, training and technological tools.

Some of the tools available for improving process safety focus on applying technology to harden tasks. Improving the resilience of tasks and operations to internal and external hacking through advanced technologies, such as more effective password policies, data protection, disaster recovery and so on, has been used to improve the security of business processes.

One way or another, little attention has been paid to safety where compromise could stem from the procedure itself or from the actions of the operator, rather than from the technical side of the process. The work of Weber [14] and Mendling [15], devoted to the use of blockchains and smart contracts in process management, is one example of an approach to BPM in which security can be enhanced by building it directly into the workflow itself, encoded in the form of smart contracts. However, that approach was not specifically aimed at changing the workflow in order to increase security.

In this document we propose introducing parallel decentralization of individual tasks as a tool that can be deployed to make a specific task more resistant to compromise. The following section provides examples of situations in which decentralization of tasks may apply. The third section presents a mathematical analysis that demonstrates how the procedure increases the resistance of tasks to compromise when they are performed. That section also analyzes the potential impact of the procedure on the duration and cost of completing a task.

2. Use cases

Different types of assessments and audits with financial imperatives can benefit from decentralization. A centralized scenario is one where the process owner sends a single hired inspector to verify a number of key workflow results. In this case, the only object of compromise in the focus of the process adversary is one person; the adversary may be either internal or external to the process. In addition, a centralized audit could potentially be extremely costly, as the inspector may have to travel long distances to visit all the incident sites, which can be widely dispersed. Balancing the workload of the inspectorate may also be difficult for cyclical or seasonal incidents: the trained, qualified personnel of the central inspectorate will have to be maintained even in periods when the need for verification is extremely small.

In a decentralized version, as shown in Fig. 1, the necessary verification can be performed by any arbitrary number of independent inspectors from the existing pool of inspectors, at any place and at any time when verification is required. Compromising the process becomes more complex, since success may require compromising many random potential inspectors. This makes compromise more expensive and more technically complicated than in the centralized version. The chances of compromise are greatly reduced when the process can be set up so that its verification is transparent and unobtrusive, such that the attacker cannot easily identify the probable participants in the inspector pool. In this case, the adversary of the process would have to multiply the cost of compromising one inspector by the total number of inspectors in the available pool.

Redistributing inspection in a parallel, decentralized manner in this way can be done with some generality, regardless of whether an audit is carried out at the local government or district level, or whether a farm loan is assessed for compliance with the conditions for issuing it.

An example of a business process involving a task with a decision maker

The same business process with decentralized decision-making tasks

Another example is a decision-making task in a process, where a significant, economically relevant decision made by a sole central decision maker is the target for compromise. In a centralized scenario, the decision maker may become the object of lobbying or, in extreme cases, receive financial incentives to make decisions that are not related to the intended objectives of the process.

In a decentralized scenario, any random number of qualified decision makers can be individually selected by the system to decide each individual case. The final decision is then a combination of the decisions made by each qualified decision maker. The combination method may be some form of averaging or weighted averaging, depending on the history and qualifications of each decision maker. The process of combining parallel decisions into a single whole will be called the consensus method, by analogy with blockchain terminology.

An opponent of the project, unable to determine a priori which of the decision makers in the pool will be selected, will be forced to invest in bribing many decision makers in the pool in order to have a chance of compromising the process. Consequently, the cost of compromising a sufficient number of decision makers is likely to be higher than in the centralized case.

It turns out that the decision-making task covers several types of tasks in processes, of which even the verification example is a subset. Various representative decision-making situations may also fall into this category, including cases where decision makers are elected through an electoral process. This task is therefore the focus of the model presented in the next section. The equations developed there are further illustrated by considering decentralization as used to resolve disputes between the buyer and seller in electronic commerce.

3. Methodology

Here we model the decentralization of a process similar to that shown in Figure 1, consisting of centralized decision-making and assessment tasks. We will also assume that the decision is either a binary or a discrete variable, so that we can consider a simple consensus model in the decentralized equivalent. The consensus method for the current model will be the median value of all returned decision values.

Assume also that node 2 of the process, which consists of the decision-making task, can be compromised if a sufficient incentive or other means is applied to the person making the decision. Assume further that a compromise event e has a chance P(e), which is proportional to some financial cost C incurred by an adversary of the process and used to corrupt the evaluators or the process as a whole. It is necessarily assumed that as C ↑, P(e) ↑.

If the cost of a centralized task to the process owner is equal to S, it can be expected that the amount S may be available to reward decentralized appraisers. S may be the salary received by the centralized appraiser, together with other relevant administrative expenses, and may be considered as remuneration that can be shared by decentralized appraisers. Typically, the amount available for a decentralized task will not be open-ended. The upper limit can be taken to be S, or the additional savings resulting from increased process safety, which more often provides the expected benefits to interested parties.


where y is the reward to each appraiser, and t = 1 / V, when the reward to decentralized appraisers is limited to S or may exceed S.

Process Safety Analysis

Suppose ∏ is the pool of available evaluators, and V is the number of actual evaluators who decide to participate in the assessment and decision-making process after the cutoff criterion is applied. Based on the consensus method described above, for a decentralized process to be compromised, at least half of the V evaluators must deliberately enter the same discrete value. Therefore, the probabilities that centralized and decentralized structures will be compromised are listed below.

Given enough incidents of the process, and assuming that the quality of centralized and recognized decentralized appraisers is approximately the same, the decentralized task will become increasingly difficult to compromise as V increases. Now let x be the participation coefficient. Then x = V / ∏.
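The “at least half of the V evaluators” condition can be worked through numerically. The following is an added example, not the article's own equations or code: it assumes that the adversary has already corrupted a fixed number of members of the pool ∏, that the V evaluators are drawn uniformly at random without replacement, and that corrupted evaluators all return the adversary's value; the function names are hypothetical.

```python
from itertools import combinations
from math import ceil, comb
from statistics import median


def consensus(decisions):
    """Consensus model from the text: the median of all returned decisions."""
    return median(decisions)


def p_compromised(pool_size, corrupted, v):
    """Probability that at least half of v evaluators, drawn uniformly at
    random without replacement from the pool, are corrupted (assumed model:
    hypergeometric tail)."""
    if not 0 < v <= pool_size or not 0 <= corrupted <= pool_size:
        raise ValueError("need 0 < v <= pool_size and 0 <= corrupted <= pool_size")
    need = ceil(v / 2)  # "at least half of the V evaluators"
    hits = sum(
        comb(corrupted, k) * comb(pool_size - corrupted, v - k)
        for k in range(need, min(v, corrupted) + 1)
    )
    return hits / comb(pool_size, v)


def p_by_enumeration(pool_size, corrupted, v):
    """Same probability, obtained by enumerating every possible panel and
    applying the median consensus. Corrupted evaluators return 1 (the
    adversary's value), honest ones return 0. Use only for small pools."""
    pool = [1] * corrupted + [0] * (pool_size - corrupted)
    panels = list(combinations(range(pool_size), v))
    bad = sum(1 for panel in panels
              if consensus([pool[i] for i in panel]) >= 0.5)
    return bad / len(panels)


def min_evaluators(pool_size, corrupted, target):
    """Smallest odd panel size whose compromise probability is <= target,
    or None if no panel size reaches it (odd sizes avoid median ties)."""
    for v in range(1, pool_size + 1, 2):
        if p_compromised(pool_size, corrupted, v) <= target:
            return v
    return None


if __name__ == "__main__":
    # Constructed sample: pool of 20 evaluators, 6 of them corrupted.
    for v in (1, 3, 5, 7, 9, 11, 13):
        print(f"V={v:2d}  x={v / 20:.2f}  P(compromise)={p_compromised(20, 6, v):.4f}")
    print("min V for P <= 1%:", min_evaluators(20, 6, 0.01))
```

Under these assumptions the benefit of a larger panel depends on the corrupted share of the pool staying below one half; when half of the pool is corrupted, no panel size lowers the probability.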

Cost analysis

Suppose a compromised process yields a reward D for the adversary of the process, and the adversary's reward from the process proceeding as intended is the quantity sD, where s is the fraction of the benefits of the process that the adversary receives if the adversary is a participant in the process. The lower limit of s, zero, is the case where the adversary does not receive any benefit from the normal course of the process; in that case, as a rule, the adversary is not a participant in the process. For the adversary of the process, the price of compromise should be lower than the benefits of compromising the process.


Now we look at a basic linear relationship between the costs spent on compromising the task and the probability of success. In addition, we will also consider a linear model of the relationship between remuneration and the number of evaluators who decide to participate in the process.


In equation (4), Ce is the linear rate at which the probability of compromise rises as the resources applied increase, and Cv is the rate at which appraiser participation increases as the reward for participation increases. Equation (3) can be reformulated in the following form:

Equation (5) is important in that it shows that, under the conditions set forth here, there is a level of participation, or number of evaluators V, at which the process theoretically cannot be compromised, given some potential benefit D that the adversary can obtain from compromising the process. In addition, it can be assumed that the resources available to strengthen the process should not exceed the size of the remuneration from the process.


Fig. 2. An illustration of the relationship between a) a sufficient number of decentralized parallel evaluators, the likelihood and cost of compromising the evaluator; and b) the limitation of the remuneration of the decentralized appraiser and the number of appraisers.

Hence,

This relationship shows the amount y required for decentralized appraisal safety initiatives to be cost effective. Figure 2 shows the relationship between the limits presented in equations (4) and (7).

Time analysis

The impact of parallel decentralization on the time taken by a process task is more situational. It can be expected that finding several appraisers rather than one centralized appraiser may incur some time penalty, even if those appraisers perform their tasks in parallel. In the case of perfect parallelization, when all the evaluators start at the start time of the task and each takes approximately the same time as, or in any case no longer than, the centralized operator would, the execution time for the decentralized version will be the same as for the centralized one. This is the ideal case. The task of the process designer will be to use technology and planning to get closer to these ideal conditions.

From a practical point of view, there are several design features that can be applied to a decentralized process to significantly reduce this time penalty, or even potentially speed up the decentralized task. For example, if a centralized appraiser needs to travel to different places to complete these tasks, decentralized appraisers can be selected locally in each case, so that they can potentially start an audit earlier and at a lower cost than in the centralized case.

4. Decentralization of the dispute resolution task in electronic commerce

This section uses an e-commerce example to illustrate the method. One such task is the main trading process between the buyer and seller. The immediate goal of a peer-to-peer market is to complete the task between the buyer and seller without the need for an intermediary, i.e. without third-party involvement. This potentially reduces the cost of the process, but raises the question of how to establish trust between the two parties. Does the buyer risk sending the payment to the seller in advance, only for the seller not to deliver the promised goods or service? Or does the seller risk delivering the promised product or service, only for the buyer not to transfer the payment after receiving what he wants?

Figure 3. Illustration of a basic e-commerce process between a buyer and a seller through an automated platform with off-platform execution

An example of one of the most popular e-commerce processes is the business run by eBay, which requires the participation of a third party to facilitate the workflow: the third party acts primarily as a mediator and dispute resolution body. Combined with a reputation system tied to each party's transaction history, this system has made eBay one of the most successful e-commerce platforms to date. A recently proposed solution [16,17] tries to eliminate the intermediary and its attendant costs by using a secure automated deposit and a Nash equilibrium scenario to direct both the buyer and the seller to act in their own interests by completing the process [18]. During the process, both the buyer and the seller place in escrow an amount slightly exceeding the direct cost of the product. Each of the deposit amounts is transferred to both parties upon successful completion of the process, which ensures that there is an incentive for both parties to act in accordance with the agreement; otherwise both will lose more than they would gain by putting each other at a disadvantage. Combined with the use of a reputation system, this scheme presents a game-theoretic scenario with a Nash equilibrium for a given escrow amount. However, such procedures are not yet used to any large extent on any mass platform, where most buyers and sellers are probably not willing to commit up front more than the cost of the products they want to buy or sell.


Fig. 4. Illustration of a dispute resolution decision (a) with a centralized single appraiser or arbitrator compared to (b) decentralized, including several randomly selected arbitrators

A process that uses a decentralized dispute resolution body can provide a more cost-effective and more equitable method than a centralized dispute resolution scenario, and, moreover, does not require investing in the process more than the cost of the item being sold, as the second scenario does. This basic e-commerce process through an automated platform and payment system is shown in Figure 3. It is assumed that the shipment or delivery part is external to the system. In this case, task C of the workflow represents a point of potential process compromise. The seller has the opportunity to obtain the value of the goods, D, by registering the shipment without completing it. Other ways of compromising the task include delivering a different product or a product of lower value. The buyer can also insure against non-compliance with the terms of the transaction by the fact that he has the opportunity to indicate that the goods were received with defects or not received at all, and the buyer will not receive the promised compensation for the goods (D). These compromise scenarios often arise in commerce and often lead to disputes that are usually resolved by the platform operator.

In the usual centralized procedure, an arbiter employed by the platform reviews the claims of both parties, which may include evidence of shipment and photographs of the product, and makes a decision. In the decentralized equivalent, the decision-making task is distributed among several randomly selected independent appraisers, who can also be drawn from the pool of buyers and sellers on the platform.

As on some existing e-commerce platforms, where buyers and sellers are willing to leave mutual reviews to build a reputation on both sides of the trading process, an incentive system similar to that given in equation (1) can also be developed for appraisers. Tokens, points or another incentive system built into the platform can be used as the reward. The number of appraisers V required for the fairness of the system can be estimated by equation (5). For items of small value D, V could potentially be an operationally low number.

In this case, the gain for the whole process will potentially be the lower cost of the combined decentralized appraisers and the effect of crowd wisdom [19] on their decisions compared to the centralized equivalent. As illustrated in [19], “the phenomenon of crowd wisdom refers to the conclusion that the totality of the set of proposed solutions from a group of individuals works better than most individual decisions.”

In cases where a decentralized group of evaluators gives better results than the centralized process, the former will often bring the expected benefits to the interested parties. Note that this scheme can be used in combination with the method described in [16, 17, 20]. In this case, both the buyer and the seller can choose for themselves a solution to the problem different from the one that requires investing in the product more than it costs and that does not include dispute resolution.

5. Conclusions

The degree to which the intent of processes is compromised in a bounded ecosystem is usually a key indicator that also correlates with the degree of economic frustration and poverty in that ecosystem. Moving more human, business, electronic commerce and financial processes to a form with a higher degree of certainty, in which the goal of the process is less likely to be compromised or corrupted, will be of great importance for potential economic prosperity in areas where this technique can be applied.

This article examined the potential of decentralizing key vulnerable tasks of technological processes. In the procedure, the vulnerable task is decentralized using methods similar to the way blockchain decentralization in infrastructure networks helps disperse points of attack in the network, but applied to process nodes rather than infrastructure nodes. In this formulation, for a decentralized process node, several qualified processors can separately perform the node task simultaneously, so the process adversary has no central focal point or target through which to jeopardize the process.

The article presents the mathematical foundations of decentralizing such processes and the implications for safety, for the cost of the process, and for the total time of the process. The model also shows that there is a threshold number of evaluators at which a decentralized process will be almost impossible to compromise compared to a centralized one. A model was presented for obtaining this minimum level of participation, assuming a linear relationship between the incentive used by the adversary and the likelihood that any participant would be compromised. The process was also illustrated with an e-commerce application, in particular the resolution of disputes between the buyer and seller. The possibility of decentralizing this task was considered, including the use of the model to determine the minimum number of evaluators needed to achieve stable and reliable results. We believe that this tool can be useful for process developers, given that process safety can be as important as process effectiveness in areas such as e-commerce, business, finance, and many other types of processes.

References

[1] J. H. Park & J. H. Park, “Blockchain Security in Cloud Computing: Use Cases, Challenges, Solutions,” Symmetry, Vol 9, Issue 164, pp 1-13, 2017.

[2] Z. Kakushadze & R. Russo, “Data Malls, Coin Economies and Keyless Payments,” Int. Journal of Network Security & Its Applications, vol. 9, Issue 3, pp. 1-9, 2018.

[3] S. Nakamoto, “Bitcoin: A peer-to-peer electronic cash system.”, Available online at https://bitcoin.org/en/bitcoin-paper. Accessed May 2017, 2008.

[4] K. Campbell, L. A. Gordon, M. P. Loeb, L. Zhou, “The economic cost of publicly announced information security breaches: Empirical evidence from the stock market,” Journal of Computer Security, vol. 11, pp. 431–448, 03 2003.

[5] M. Ettredge, V. J. Richardson, “Assessing the risk in e-commerce,” HICSS, p. 194, 05 2002.

[6] T. Neubauer, M. Klemen, S. Biffl, “Secure Business Process Management: A Roadmap,” Proceedings of the First International Conference on Availability, Reliability, and Security (ARES’06), 2006.

[7] G. Herrmann, “Security and integrity requirements of business processes- analysis and approach to support their realization,” Consortium on Advanced Information Systems Engineering, pp. 36–47, 1999.

[8] T. Kindler, T. A. Soyez, “Modeling security for integrated enterprise workflow and telecooperation systems,” IEEE Fifth Workshops on Enabling Technologies: Infrastructure for Collaborative Enterprises (WET ICE 96), 06 1996.

[9] K. Knorr, “Security in Petri Net Workflows,” PhD Thesis, Mathematischnaturwissenschaftliche Facultaet der Universitaet Zuerich, 2001.

[10] C. Ribeiro, P. Guedes, “Verifying workflow processes against organization security policies,” IEEE, pp. 1-2, 1999.

[11] M. Hammer, J. Champy, Reengineering the Corporation - A Manifesto for Business Revolution. Harper, 1994.

[12] R. Aguilar-Saven, “Business process modeling: Review and framework”, Int. J. Production Economics 90, pp 129–149, 2004.

[13] R.G. Lee and B.G. Dale, “Business process management: a review and evaluation,” Business Process Management Journal, Vol. 4 No. 3, pp. 214-225, 1998.

[14] I. Weber, X. Xu, R. Riveret, G. Governatori, A. Ponomarev & J. Mendling, “Untrusted Business Process Monitoring and Execution Using Blockchain.” In: La Rosa, M., Loos, P. and Pastor, O. (eds.) Business Process Management. BPM 2016. Lecture Notes in Computer Science, Vol. 9850. Cham, Switzerland: Springer, pp. 329–247, 2016.

[15] J. Mendling et al., “Blockchains for Business Process Management - Challenges and Opportunities.” ACM Transactions on Management Information Systems, vol. 9. Available online: https://arxiv.org/pdf/1704.03610.pdf, 2017.

[16] Seong Yup Yoo, “NashX,” Online Illustration: http://nashx.com/HowItWorks, Accessed June 10 2017, 2013.

[17] The Dagger, “OneMarket: A Peer-to-Peer Internet Marketplace,” Online Article: https://bravenewcoin.com/assets/Whitepapers/cloakcoin-onemarket.pdf, Accessed June 12 2017.

[18] Jiawei Li, “On Equilibria of N-Seller and N-Buyer Bargaining Games”, Computing Research Repository, Vol. 2015, 1510, pp 1–13, 2015.

[19] Yi, Sheng Kung Michael; Steyvers, Mark; Lee, Michael D.; Dry, Matthew J., “The Wisdom of the Crowd in Combinatorial Problems”. Cognitive Science. Vol 36, Issue 3, https://doi.org/10.1111/j.1551-6709.2011.01223.x, pp 452-470, 2012.

[20] K. Alabi, “Digital Blockchain Networks Appear to be Following Metcalfe’s Law,” Electronic Commerce Research and Applications, Vol. 24, https://doi.org/10.1016/j.elerap.2017.06.06.003, pp 23-29, 2017.