Data Flow-Oriented Process Mining to Support Security Audits

  • Thomas Stocker
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 7221)


The automated execution of dynamically-evolving business processes in service-oriented architectures requires audit methods to assert that they fulfill required security properties. Process mining techniques can provide models for the actual process behavior, but mostly disregard the dynamics of processes running in highly flexible environments and neglect the data flow perspective. This research plan is on novel data-oriented mining techniques to tackle these shortcomings in order to support effective security audits.


Business Process Research Plan Business Process Management Covert Channel Process Mining Technique 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.


  1. 1.
    Accorsi, R.: Business process as a service: Chances for remote auditing. In: IEEE Computer Software and Applications Conference (2011)Google Scholar
  2. 2.
    Accorsi, R., Wonnemann, C.: Strong non-leak guarantees for workflow models. In: ACM Symposium on Applied Computing, pp. 308–314. ACM (2011)Google Scholar
  3. 3.
    Accorsi, R., Wonnemann, C.: InDico: Information Flow Analysis of Business Processes for Confidentiality Requirements. In: Cuellar, J., Lopez, J., Barthe, G., Pretschner, A. (eds.) STM 2010. LNCS, vol. 6710, pp. 194–209. Springer, Heidelberg (2011)CrossRefGoogle Scholar
  4. 4.
    Accorsi, R., Wonnemann, C., Dochow, S.: SWAT: A security analysis toolkit for reliably process-aware information systems. In: Workshop on Security Aspects of Process-aware Information. IEEEGoogle Scholar
  5. 5.
    Accorsi, R., Wonnemann, C., Stocker, T.: Towards forensic data flow analysis of business process logs. In: Proceedings the IEEE Conference on Incident Management and Forensics. IEEE Computer Society (2011)Google Scholar
  6. 6.
    Adam, N., Atluri, V., Huang, W.: Modeling and analysis of workflows using petri nets. Intelligent Information Systems 10(2), 131–158 (1998)CrossRefGoogle Scholar
  7. 7.
    Atluri, V., Warner, J.: Security for workflow systems. In: Handbook of Database Security, pp. 213–230 (2008)Google Scholar
  8. 8.
    Cummins, F.: BPM meets SOA. In: Handbook on Business Process Management 1. International Handbooks on Information Systems, pp. 461–479 (2010)Google Scholar
  9. 9.
    Curbera, F., Doganata, Y., Martens, A., Mukhi, N.K., Slominski, A.: Business Provenance – A Technology to Increase Traceability of End-to-End Operations. In: Meersman, R., Tari, Z. (eds.) OTM 2008, Part I. LNCS, vol. 5331, pp. 100–119. Springer, Heidelberg (2008)CrossRefGoogle Scholar
  10. 10.
    de Medeiros, A.K.A., Guzzo, A., Greco, G., van der Aalst, W.M.P., Weijters, A.J.M.M., van Dongen, B.F., Saccà, D.: Process Mining Based on Clustering: A Quest for Precision. In: ter Hofstede, A.H.M., Benatallah, B., Paik, H.-Y. (eds.) BPM Workshops 2007. LNCS, vol. 4928, pp. 17–29. Springer, Heidelberg (2008)CrossRefGoogle Scholar
  11. 11.
    Greco, G., Guzzo, A., Pontieri, L., Saccà, D.: Discovering expressive process models by clustering log traces. IEEE Transactions on Knowledge and Data Engineering 18(8), 1010–1027 (2006)CrossRefGoogle Scholar
  12. 12.
    Lowis, L., Accorsi, R.: Finding vulnerabilities in SOA-based business processes. IEEE Transactions on Service Computing (2011) (to appear)Google Scholar
  13. 13.
    McHugh, J.: Handbook for the Computer Security Certification of Trusted Systems. Naval Research Laboratory (1995)Google Scholar
  14. 14.
    Sayana, A.: Using CAATs to support IS audit. Information Systems Control Journal, 1 (2003)Google Scholar
  15. 15.
    Song, M., Günther, C.W., van der Aalst, W.M.P.: Trace Clustering in Process Mining. In: Ardagna, D., Mecella, M., Yang, J. (eds.) BPM 2008 Workshops. LNBIP, vol. 17, pp. 109–120. Springer, Heidelberg (2009)CrossRefGoogle Scholar
  16. 16.
    Stocker, T.: Time-Based Trace Clustering for Evolution-Aware Security Audits. In: Daniel, F., Barkaoui, K., Dustdar, S. (eds.) BPM Workshops 2011, Part II. LNBIP, vol. 100, pp. 471–476. Springer, Heidelberg (2012)CrossRefGoogle Scholar
  17. 17.
    Teeter, R., an Miklos Vasarhelyi, M.: Remote auditing: A research framework. Journal of Emerging Technology in Accounting (to appear)Google Scholar
  18. 18.
    van der Aalst, W., Weijters, T., Maruster, L.: Workflow mining: discovering process models from event logs. IEEE Transactions on Knowledge and Data Engineering 16(9), 1128–1142 (2004)CrossRefGoogle Scholar
  19. 19.
    van der Aalst, W.M.P., ter Hofstede, A.H.M., Weske, M.: Business Process Management: A Survey. In: van der Aalst, W.M.P., ter Hofstede, A.H.M., Weske, M. (eds.) BPM 2003. LNCS, vol. 2678, pp. 1–12. Springer, Heidelberg (2003)CrossRefGoogle Scholar
  20. 20.
    Wei, Y., Blake, M.: Service-oriented computing and cloud computing: Challenges and opportunities. IEEE Internet Computing 14, 72–75 (2010)CrossRefGoogle Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2012

Authors and Affiliations

  • Thomas Stocker
    • 1
  1. 1.University of FreiburgGermany

Personalised recommendations