Abstract
Security-by-design is an emerging paradigm that aims to deal with security concerns from the early phases of the system development. Although this paradigm can provide theoretical guarantees that the designed system complies with the defined processes and security policies, in many application domains users are allowed to deviate from them to face unpredictable situations and emergencies. Some deviations can be harmless and, in some cases, necessary to ensure business continuity, whereas other deviations might threat central aspects of the system, such as its security. In this paper, we propose a tool supported method for the identification of security-critical deviations in process executions using compliance checking analysis. We implemented the approach as part of the STS-Tool and evaluated it using a real loan management process of a Dutch financial institute.
Original language | English |
---|---|
Title of host publication | Information Systems in the Big Data Era - CAiSE Forum 2018, Proceedings |
Publisher | Springer |
Pages | 218-234 |
Number of pages | 17 |
ISBN (Print) | 9783319929002 |
DOIs | |
Publication status | Published - 1 Jan 2018 |
Event | 30th International Conference on Advanced Information Systems Engineering, CAiSE 2018 - Tallinn, Estonia Duration: 11 Jun 2018 → 15 Jun 2018 Conference number: 30 https://caise2018.ut.ee/ |
Publication series
Name | Lecture Notes in Business Information Processing |
---|---|
Volume | 317 |
ISSN (Print) | 1865-1348 |
Conference
Conference | 30th International Conference on Advanced Information Systems Engineering, CAiSE 2018 |
---|---|
Abbreviated title | CAiSE 2018 |
Country/Territory | Estonia |
City | Tallinn |
Period | 11/06/18 → 15/06/18 |
Internet address |