Abstract
Organizations need to monitor their business processes to ensure that what actually happens in the system is compliant with the prescribed behavior. Deviations from the prescribed behavior may correspond to violations of security requirements and expose organizations to severe risks. Thus, it is crucial for organizations to detect and address nonconforming behavior as early as possible. In this paper, we present an auditing framework that facilitates the analysis of process executions by detecting nonconforming behaviors and ranking them with respect to their criticality. Our framework employs conformance checking techniques to detect possible explanations of nonconformity. Based on such explanations, the framework assesses the criticality of nonconforming process executions based on historical logging data and context information.
| Original language | English |
|---|---|
| Title of host publication | CODASPY 2016 - Proceedings of the 6th ACM Conference on Data and Application Security and Privacy |
| Place of Publication | New York |
| Publisher | Association for Computing Machinery, Inc |
| Pages | 130-132 |
| Number of pages | 3 |
| ISBN (Print) | 978-1-4503-3935-3 |
| DOIs | |
| Publication status | Published - 9 Mar 2016 |
| Event | 6th ACM Conference on Data and Application Security and Privacy, CODASPY 2016 - New Orleans, United States Duration: 9 Mar 2016 → 11 Mar 2016 |
Conference
| Conference | 6th ACM Conference on Data and Application Security and Privacy, CODASPY 2016 |
|---|---|
| Country/Territory | United States |
| City | New Orleans |
| Period | 9/03/16 → 11/03/16 |
Keywords
- Alignments
- Auditing
- Conformance checking
- Risk assessment