From security-by-design to the identification of security-critical deviations in process executions

Mattia Salnitri, Mahdi Alizadeh, Daniele Giovanella, Nicola Zannone, Paolo Giorgini

Research output: Chapter in Book/Report/Conference proceeding > Conference contribution > Academic > peer-review

1 Citation (Scopus)

Abstract

Security-by-design is an emerging paradigm that aims to deal with security concerns from the early phases of the system development. Although this paradigm can provide theoretical guarantees that the designed system complies with the defined processes and security policies, in many application domains users are allowed to deviate from them to face unpredictable situations and emergencies. Some deviations can be harmless and, in some cases, necessary to ensure business continuity, whereas other deviations might threaten central aspects of the system, such as its security. In this paper, we propose a tool-supported method for the identification of security-critical deviations in process executions using compliance checking analysis. We implemented the approach as part of the STS-Tool and evaluated it using a real loan management process of a Dutch financial institute.

Original language: English
Title of host publication: Information Systems in the Big Data Era - CAiSE Forum 2018, Proceedings
Publisher: Springer
Pages: 218-234
Number of pages: 17
ISBN (Print): 9783319929002
DOIs: https://doi.org/10.1007/978-3-319-92901-9_19
Publication status: Published - 1 Jan 2018
Event: 30th International Conference on Advanced Information Systems Engineering (CAiSE 2018) - Tallinn, Estonia
Duration: 11 Jun 2018 - 15 Jun 2018
Conference number: 30
https://caise2018.ut.ee/

Publication series

Name: Lecture Notes in Business Information Processing
Volume: 317
ISSN (Print): 1865-1348

Conference

Conference: 30th International Conference on Advanced Information Systems Engineering (CAiSE 2018)
Abbreviated title: CAiSE 2018
Country: Estonia
City: Tallinn
Period: 11/06/18 - 15/06/18
Internet address: https://caise2018.ut.ee/

Fingerprint

Deviation
Paradigm
Process Management
Security Policy
System Development
Emergency
Compliance
Industry
Necessary
Design

Cite this

Salnitri, M., Alizadeh, M., Giovanella, D., Zannone, N., & Giorgini, P. (2018). From security-by-design to the identification of security-critical deviations in process executions. In Information Systems in the Big Data Era - CAiSE Forum 2018, Proceedings (pp. 218-234). (Lecture Notes in Business Information Processing; Vol. 317). Springer. https://doi.org/10.1007/978-3-319-92901-9_19
@inproceedings{9c6ebdc0a6254c229e0f054814ff5a3a,
title = "From security-by-design to the identification of security-critical deviations in process executions",
author = "Mattia Salnitri and Mahdi Alizadeh and Daniele Giovanella and Nicola Zannone and Paolo Giorgini",
year = "2018",
month = "1",
day = "1",
doi = "10.1007/978-3-319-92901-9_19",
language = "English",
isbn = "9783319929002",
series = "Lecture Notes in Business Information Processing",
publisher = "Springer",
pages = "218--234",
booktitle = "Information Systems in the Big Data Era - CAiSE Forum 2018, Proceedings",
address = "Germany",

}

TY - GEN

T1 - From security-by-design to the identification of security-critical deviations in process executions

AU - Salnitri, Mattia

AU - Alizadeh, Mahdi

AU - Giovanella, Daniele

AU - Zannone, Nicola

AU - Giorgini, Paolo

PY - 2018/1/1

Y1 - 2018/1/1

UR - http://www.scopus.com/inward/record.url?scp=85048636334&partnerID=8YFLogxK

U2 - 10.1007/978-3-319-92901-9_19

DO - 10.1007/978-3-319-92901-9_19

M3 - Conference contribution

AN - SCOPUS:85048636334

SN - 9783319929002

T3 - Lecture Notes in Business Information Processing

SP - 218

EP - 234

BT - Information Systems in the Big Data Era - CAiSE Forum 2018, Proceedings

PB - Springer

ER -
