Attribute-based security verification of business process models

Nikolaos Argyropoulos; Haralambos Mouratidis; Andrew Fish

doi:10.1109/CBI.2017.37

Attribute-based security verification of business process models

Nikolaos Argyropoulos, Haralambos Mouratidis, Andrew Fish

Research output: Chapter in Book/Conference proceeding with ISSN or ISBN › Conference contribution with ISSN or ISBN › peer-review

Abstract

Business processes, as the instruments used by organisations to produce value, need to comply with a number of internally and externally imposed standards and restrictions. Since the majority of such processes involve the exchange of sensitive third party information, their compliance to security constraints needs to be verified before they can be implemented. Current attempts for the verification of security compliance of design-time business process models involve the transformation of both the model and the desired security properties into formal specifications, which can be then used as input for automated model checkers. Such an approach is usually costly both in terms of time and specialised knowledge, while also its coverage can be limited to specific types of security requirements. In this work we introduce an approach for the verification of security in business process models based on structural properties of the workflow of the process. To that end, we introduce a series of attributes to existing BPMN 2.0 concepts and algorithms for checking the compliance of a process model against the most common security requirements. Finally, a real-world business process is used to demonstrate and evaluate the applicability of our proposal.

Original language	English
Title of host publication	Proceedings - 2017 IEEE 19th Conference on Business Informatics, CBI 2017
Publisher	Institute of Electrical and Electronics Engineers Inc.
Pages	43-52
Number of pages	10
Volume	1
ISBN (Electronic)	9781538630341
DOIs	https://doi.org/10.1109/CBI.2017.37
Publication status	Published - 14 Aug 2017
Event	19th IEEE Conference on Business Informatics, CBI 2017 - Thessaloniki, Greece Duration: 24 Jul 2017 → 27 Jul 2017

Publication series

Name	Conference on Business Informatics
Publisher	IEEE
ISSN (Print)	2378-1963
ISSN (Electronic)	2378-1971

Conference

Conference	19th IEEE Conference on Business Informatics, CBI 2017
Country/Territory	Greece
City	Thessaloniki
Period	24/07/17 → 27/07/17

Bibliographical note

© 2017 IEEE. Personal use of this material is permitted. Permission from IEEE must be obtained for all other uses, in any current or future media, including
reprinting/republishing this material for advertising or promotional purposes, creating new collective works, for resale or redistribution to servers or lists, or reuse of any copyrighted component of this work in other works.

Keywords

BPMN
Business Process Modelling
Business Process Security
Security Verification

Access to Document

10.1109/CBI.2017.37

CBI17Accepted author manuscript, 328 KB

Cite this

@inproceedings{7477e2723da34b04a4269ff423558d47,

title = "Attribute-based security verification of business process models",

abstract = "Business processes, as the instruments used by organisations to produce value, need to comply with a number of internally and externally imposed standards and restrictions. Since the majority of such processes involve the exchange of sensitive third party information, their compliance to security constraints needs to be verified before they can be implemented. Current attempts for the verification of security compliance of design-time business process models involve the transformation of both the model and the desired security properties into formal specifications, which can be then used as input for automated model checkers. Such an approach is usually costly both in terms of time and specialised knowledge, while also its coverage can be limited to specific types of security requirements. In this work we introduce an approach for the verification of security in business process models based on structural properties of the workflow of the process. To that end, we introduce a series of attributes to existing BPMN 2.0 concepts and algorithms for checking the compliance of a process model against the most common security requirements. Finally, a real-world business process is used to demonstrate and evaluate the applicability of our proposal.",

keywords = "BPMN, Business Process Modelling, Business Process Security, Security Verification",

author = "Nikolaos Argyropoulos and Haralambos Mouratidis and Andrew Fish",

note = "{\textcopyright} 2017 IEEE. Personal use of this material is permitted. Permission from IEEE must be obtained for all other uses, in any current or future media, including reprinting/republishing this material for advertising or promotional purposes, creating new collective works, for resale or redistribution to servers or lists, or reuse of any copyrighted component of this work in other works. ; 19th IEEE Conference on Business Informatics, CBI 2017 ; Conference date: 24-07-2017 Through 27-07-2017",

year = "2017",

month = aug,

day = "14",

doi = "10.1109/CBI.2017.37",

language = "English",

volume = "1",

series = "Conference on Business Informatics",

publisher = "Institute of Electrical and Electronics Engineers Inc.",

pages = "43--52",

booktitle = "Proceedings - 2017 IEEE 19th Conference on Business Informatics, CBI 2017",

}

Argyropoulos, N, Mouratidis, H & Fish, A 2017, Attribute-based security verification of business process models. in Proceedings - 2017 IEEE 19th Conference on Business Informatics, CBI 2017. vol. 1, 8010705, Conference on Business Informatics, Institute of Electrical and Electronics Engineers Inc., pp. 43-52, 19th IEEE Conference on Business Informatics, CBI 2017, Thessaloniki, Greece, 24/07/17. https://doi.org/10.1109/CBI.2017.37

Attribute-based security verification of business process models. / Argyropoulos, Nikolaos; Mouratidis, Haralambos; Fish, Andrew.
Proceedings - 2017 IEEE 19th Conference on Business Informatics, CBI 2017. Vol. 1 Institute of Electrical and Electronics Engineers Inc., 2017. p. 43-52 8010705 (Conference on Business Informatics).

Research output: Chapter in Book/Conference proceeding with ISSN or ISBN › Conference contribution with ISSN or ISBN › peer-review

TY - GEN

T1 - Attribute-based security verification of business process models

AU - Argyropoulos, Nikolaos

AU - Mouratidis, Haralambos

AU - Fish, Andrew

N1 - © 2017 IEEE. Personal use of this material is permitted. Permission from IEEE must be obtained for all other uses, in any current or future media, including reprinting/republishing this material for advertising or promotional purposes, creating new collective works, for resale or redistribution to servers or lists, or reuse of any copyrighted component of this work in other works.

PY - 2017/8/14

Y1 - 2017/8/14

N2 - Business processes, as the instruments used by organisations to produce value, need to comply with a number of internally and externally imposed standards and restrictions. Since the majority of such processes involve the exchange of sensitive third party information, their compliance to security constraints needs to be verified before they can be implemented. Current attempts for the verification of security compliance of design-time business process models involve the transformation of both the model and the desired security properties into formal specifications, which can be then used as input for automated model checkers. Such an approach is usually costly both in terms of time and specialised knowledge, while also its coverage can be limited to specific types of security requirements. In this work we introduce an approach for the verification of security in business process models based on structural properties of the workflow of the process. To that end, we introduce a series of attributes to existing BPMN 2.0 concepts and algorithms for checking the compliance of a process model against the most common security requirements. Finally, a real-world business process is used to demonstrate and evaluate the applicability of our proposal.

AB - Business processes, as the instruments used by organisations to produce value, need to comply with a number of internally and externally imposed standards and restrictions. Since the majority of such processes involve the exchange of sensitive third party information, their compliance to security constraints needs to be verified before they can be implemented. Current attempts for the verification of security compliance of design-time business process models involve the transformation of both the model and the desired security properties into formal specifications, which can be then used as input for automated model checkers. Such an approach is usually costly both in terms of time and specialised knowledge, while also its coverage can be limited to specific types of security requirements. In this work we introduce an approach for the verification of security in business process models based on structural properties of the workflow of the process. To that end, we introduce a series of attributes to existing BPMN 2.0 concepts and algorithms for checking the compliance of a process model against the most common security requirements. Finally, a real-world business process is used to demonstrate and evaluate the applicability of our proposal.

KW - BPMN

KW - Business Process Modelling

KW - Business Process Security

KW - Security Verification

UR - http://www.scopus.com/inward/record.url?scp=85029450890&partnerID=8YFLogxK

U2 - 10.1109/CBI.2017.37

DO - 10.1109/CBI.2017.37

M3 - Conference contribution with ISSN or ISBN

AN - SCOPUS:85029450890

VL - 1

T3 - Conference on Business Informatics

SP - 43

EP - 52

BT - Proceedings - 2017 IEEE 19th Conference on Business Informatics, CBI 2017

PB - Institute of Electrical and Electronics Engineers Inc.

T2 - 19th IEEE Conference on Business Informatics, CBI 2017

Y2 - 24 July 2017 through 27 July 2017

ER -

Attribute-based security verification of business process models

Abstract

Publication series

Conference

Bibliographical note

Keywords

Access to Document

Other files and links

Fingerprint

Cite this