From security-by-design to the identification of security-critical deviations in process executions

Mattia Salnitri, Mahdi Alizadeh, Daniele Giovanella, Nicola Zannone, Paolo Giorgini

Onderzoeksoutput: Hoofdstuk in Boek/Rapport/CongresprocedureConferentiebijdrageAcademicpeer review

2 Citaten (Scopus)
3 Downloads (Pure)

Samenvatting

Security-by-design is an emerging paradigm that aims to deal with security concerns from the early phases of the system development. Although this paradigm can provide theoretical guarantees that the designed system complies with the defined processes and security policies, in many application domains users are allowed to deviate from them to face unpredictable situations and emergencies. Some deviations can be harmless and, in some cases, necessary to ensure business continuity, whereas other deviations might threat central aspects of the system, such as its security. In this paper, we propose a tool supported method for the identification of security-critical deviations in process executions using compliance checking analysis. We implemented the approach as part of the STS-Tool and evaluated it using a real loan management process of a Dutch financial institute.

Originele taal-2Engels
TitelInformation Systems in the Big Data Era - CAiSE Forum 2018, Proceedings
UitgeverijSpringer
Pagina's218-234
Aantal pagina's17
ISBN van geprinte versie9783319929002
DOI's
StatusGepubliceerd - 1 jan 2018
Evenement30th International Conference on Advanced Information Systems Engineering (CAiSE 2018) - Tallinn, Estland
Duur: 11 jun 201815 jun 2018
Congresnummer: 30
https://caise2018.ut.ee/

Publicatie series

NaamLecture Notes in Business Information Processing
Volume317
ISSN van geprinte versie1865-1348

Congres

Congres30th International Conference on Advanced Information Systems Engineering (CAiSE 2018)
Verkorte titelCAiSE 2018
LandEstland
StadTallinn
Periode11/06/1815/06/18
Internet adres

Vingerafdruk Duik in de onderzoeksthema's van 'From security-by-design to the identification of security-critical deviations in process executions'. Samen vormen ze een unieke vingerafdruk.

Citeer dit