
Business Process Modeling for Insider Threat Monitoring and Handling

  • Conference paper
Trust, Privacy, and Security in Digital Business (TrustBus 2014)

Part of the book series: Lecture Notes in Computer Science (LNSC, volume 8647)

Abstract

Business process modeling has helped modern enterprises cope with the constant need to increase their productivity, reduce costs and offer competitive products and services. Despite the widespread success of modeling and process management, one may argue that it lacks built-in security mechanisms able to detect and deter threats that may manifest throughout the process. To this end, researchers have proposed a variety of solutions, each focusing on different threat types. In this paper we examine the insider threat through business processes. Depending on their motives, insiders participating in an organization’s business process may behave delinquently in a way that causes severe impact to the organization. We examine existing security approaches for tackling this threat in enterprise business processes and propose a preliminary model for a monitoring approach that aims at mitigating the insider threat. This approach enhances business process monitoring tools with information evaluated from Social Media by examining the online behavior of users, and pinpoints potential insiders with critical roles in the organization’s processes. The approach also highlights the threat introduced in the processes operated by such users. We conclude with some observations on the monitoring results (i.e. psychometric evaluations from the social media analysis) concerning privacy violations, and argue that deployment of such systems should be allowed solely in exceptional cases, such as protecting critical infrastructures or monitoring decision-making personnel.




© 2014 Springer International Publishing Switzerland

About this paper

Cite this paper

Stavrou, V., Kandias, M., Karoulas, G., Gritzalis, D. (2014). Business Process Modeling for Insider Threat Monitoring and Handling. In: Eckert, C., Katsikas, S.K., Pernul, G. (eds) Trust, Privacy, and Security in Digital Business. TrustBus 2014. Lecture Notes in Computer Science, vol 8647. Springer, Cham. https://doi.org/10.1007/978-3-319-09770-1_11


  • DOI: https://doi.org/10.1007/978-3-319-09770-1_11

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-319-09769-5

  • Online ISBN: 978-3-319-09770-1

  • eBook Packages: Computer Science (R0)
