Controlling break-the-glass through alignment

Onderzoeksoutput: Bijdrage aan tijdschriftTijdschriftartikelAcademicpeer review

333 Downloads (Pure)

Samenvatting

Modern IT systems have to deal with unpredictable situations and exceptions more and more often. In contrast, security mechanisms are usually very rigid. This causes organizations to employ functionality like break-the-glass that allows users to bypass security mechanisms in case of emergencies. However, break-the-glass introduces a weak point in the system and can be misused. In this paper, we present a flexible framework for controlling the use of break-the-glass using the notion of alignments. The framework measures to what extent a process execution diverges from the specification (i.e., using optimal alignments) and revokes the exceptional permissions granted to cope with the emergency when the severity of deviations cannot be tolerated. To measure the severity of deviations, we extend alignment-based deviation analysis techniques. In particular, our technique is able to identify high-level deviations such as activity replacements and swaps; hence it provides a more accurate diagnosis of deviations than classical optimal alignments. Our work is implemented as a ProM~6 plug-in and evaluated using both synthetic and real-life data.
Originele taal-2Engels
Pagina's (van-tot)198-212
Aantal pagina's15
TijdschriftAdvanced Science Express
Volume2
Nummer van het tijdschrift4
StatusGepubliceerd - 2013

Vingerafdruk

Duik in de onderzoeksthema's van 'Controlling break-the-glass through alignment'. Samen vormen ze een unieke vingerafdruk.

Citeer dit