Advertisement

Why Are Business Processes Not Secure?

  • Günter Müller
  • Rafael Accorsi
Chapter
Part of the Lecture Notes in Computer Science book series (LNCS, volume 8260)

Abstract

Security is simple to understand but hard to ensure. In the times of Internet, this task has been becoming harder every day. To date, computer science has not solved how to prevent the misuse of business processes. While data objects can be protected, a process cannot. The reason is the security of a process depends not only on its individual accesses and can only be accessed upon the process’ termination or when cast into the context of other processes. Many unbelievable scandals encompassing sophisticated and powerful players, from Microsoft to Sony and credit card operators, from leakages in governments to cyber crime and war attacks could not be prevented despite heavy investment in security. The claim here is that the way in which computer science deals with security does not apply to processes. The key discipline in security is “cryptography”, where the “laureate” Prof. Buchmann got his distinction from. This paper is about how cryptography can be applied as a basis to automate security and give participants in a market an equal position and prevent fraud. To complicate the issue, the goal is security in business processes. The reason is obvious. If one makes mistakes or vulnerabilities are left uncovered, huge fraud incidents might happen, the stockowners rebel, the government complains and employees are, in the worst case, deprived from their pension. This is a real, sensitive issue, with unclear solutions, ambivalent in nature, but rigorous in punishment. The issue is not just to protect, but also to deter “bad things”, such as criminal intents. The option to judge people’s intentions is not an option for mankind; it is not an option though for computer science. We need to automate security and establish procedures that, upon the event of misuse, ascertain accountability.

The main goal and challenge of security in business processes is, on one hand, to provide well-founded guarantees regarding the adherence to security, privacy and regulatory compliance requirements and, on the other hand, to integrate the corresponding mechanisms into the business process management lifecycle. This paper introduces this research area, its current status and upcoming practical challenges.

Keywords

Business Process Enterprise Architecture Business Process Management Process Execution Access Control Model 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. 1.
    Wolf, C., Harmon, P.: The state of business process management. BPTrends Report (2010), http://www.bptrends.com/
  2. 2.
  3. 3.
    Epstein, J.: Security Lessons Learned from Société Générale. IEEE Security & Privacy 6(3), 80–82 (2008)CrossRefGoogle Scholar
  4. 4.
    Simmhan, Y., Barga, R.S.: Analysis of approaches for supporting the Open Provenance Model: A case study of the Trident workflow workbench. Future Generation Comp. Syst. 27(6), 790–796 (2011)CrossRefGoogle Scholar
  5. 5.
  6. 6.
  7. 7.
    Saat, J., Franke, U., Lagerström, R., Ekstedt, M.: Enterprise Architecture Meta Models for IT/Business Alignment Situations. In: EDOC 2010, pp. 14–23. IEEE (2010)Google Scholar
  8. 8.
    Sandhu, R.S., Samarati, P.: Authetication, Access Control, and Audit. ACM Comput. Surv. 28(1), 241–243 (1996)CrossRefGoogle Scholar
  9. 9.
    Sandhu, R.S., Park, J.: Usage Control: A Vision for Next Generation Access Control. In: Gorodetsky, V., Popyack, L.J., Skormin, V.A. (eds.) MMM-ACNS 2003. LNCS, vol. 2776, pp. 17–31. Springer, Heidelberg (2003)CrossRefGoogle Scholar
  10. 10.
    Accorsi, R., Lowis, L., Sato, Y.: Automated Certification for Compliant Cloud-based Business Processes. Business & Information Systems Engineering 3(3), 145–154 (2011)CrossRefGoogle Scholar
  11. 11.
    Ramezani, E., Fahland, D., van der Aalst, W.M.P.: Where Did I Misbehave? Diagnostic Information in Compliance Checking. In: Barros, A., Gal, A., Kindler, E. (eds.) BPM 2012. LNCS, vol. 7481, pp. 262–278. Springer, Heidelberg (2012)CrossRefGoogle Scholar
  12. 12.
    Brewer, D.F.C., Nash, M.J.: The Chinese Wall Security Policy. In: IEEE Symposium on Security and Privacy, pp. 206–214. IEEE (1989)Google Scholar
  13. 13.
    Botha, R.A., Eloff, J.H.P.: Separation of duties for access control enforcement in workflow environments. IBM Systems Journal 40(3), 666–682 (2001)CrossRefGoogle Scholar
  14. 14.
    Accorsi, R., Wonnemann, C.: Strong non-leak guarantees for workflow models. In: ACM Symp. Applied Computing, pp. 308–314 (2011)Google Scholar
  15. 15.
    Roscoe, A.W.: Intensional specifications of security protocols. In: Computer Security Foundations Workshop, pp. 28–38. IEEE (1996)Google Scholar
  16. 16.
    Weske, M.: Business Process Management - Concepts, Languages, Architectures. Springer (2012)Google Scholar
  17. 17.
    Basin, D., Burri, S., Karjoth, G.: Optimal workflow-aware authorizations. In: ACM Symp. Access Control Models and Technologies, pp. 93–102 (2012)Google Scholar
  18. 18.
    Wang, Q., Li, N.: Satisfiability and Resiliency in Workflow Authorization Systems. ACM Trans. Inf. Syst. Secur. 13(4), 40 (2010)CrossRefGoogle Scholar
  19. 19.
    Lowis, L., Accorsi, R.: Vulnerability Analysis in SOA-Based Business Processes. IEEE T. Services Computing 4(3), 230–242 (2011)CrossRefGoogle Scholar
  20. 20.
    Lowis, L., Accorsi, R.: On a Classification Approach for SOA Vulnerabilities. In: IEEE Computer Software and Applications Conf., pp. 439–444 (2009)Google Scholar
  21. 21.
    Lohmann, N., Verbeek, E., Dijkman, R.M.: Petri Net Transformations for Business Processes - A Survey. T. Petri Nets and Other Models of Concurrency 2, 46–63 (2009)CrossRefGoogle Scholar
  22. 22.
    Lehmann, A., Lohmann, N.: Modeling Wizard for Confidential Business Processes. In: La Rosa, M., Soffer, P. (eds.) BPM Workshops 2012. LNBIP, vol. 132, pp. 675–688. Springer, Heidelberg (2013)CrossRefGoogle Scholar
  23. 23.
    Accorsi, R., Wonnemann, C., Dochow, S.: SWAT: A Security Workflow Analysis Toolkit for Reliably Secure Process-aware Information Systems. In: Conference on Availability, Reliability and Security, pp. 692–697 (2011)Google Scholar
  24. 24.
    Accorsi, R., Höhn, S.: Towards a Framework for Process Rewriting. In: IFIP Symposium on Data-Driven Process Discovery and Analysis (to appear, 2013)Google Scholar
  25. 25.
    Fdhila, W., Rinderle-Ma, S., Reichert, M.: Change propagation in collaborative processes scenarios. In: CollaborateCom 2012, pp. 452–461. IEEE (2012)Google Scholar
  26. 26.
    Accorsi, R., Sato, Y., Kai, S.: Compliance monitor for early warning risk determination. Wirtschaftsinformatik 50(5), 375–382 (2008)CrossRefGoogle Scholar
  27. 27.
    Ni, Q., Bertino, E., Lobo, J.: Risk-based access control systems built on fuzzy inferences. In: ACM ASIACCS, pp. 250–260. ACM (2010)Google Scholar
  28. 28.
    Brucker, A.D., Petritsch, H.: Extending access control models with break-glass. In: ACM Symp. Access Control Models and Technologies, pp. 197–206. ACM (2009)Google Scholar
  29. 29.
    Accorsi, R., Ullrich, M., Van der Aalst, W.M.P.: Process Mining. Informatik Spektrum 35(5), 354–359 (2012)CrossRefGoogle Scholar
  30. 30.
    Van der Aalst, W.M.P.: Process Mining - Discovery, Conformance and Enhancement of Business Processes. Springer (2011)Google Scholar
  31. 31.
    Accorsi, R., Stocker, T., Müller, G.: On the exploitation of process mining for security audits: the process discovery case. In: ACM Symp. Applied Computing, pp. 1462–1468 (2013)Google Scholar
  32. 32.
    Accorsi, R., Stocker, T.: Discovering Workflow Changes with Time-Based Trace Clustering. In: Aberer, K., Damiani, E., Dillon, T. (eds.) SIMPDA 2011. LNBIP, vol. 116, pp. 154–168. Springer, Heidelberg (2012)CrossRefGoogle Scholar
  33. 33.
    Accorsi, R., Wonnemann, C.: Auditing Workflow Executions against Dataflow Policies. In: Abramowicz, W., Tolksdorf, R. (eds.) BIS 2010. LNBIP, vol. 47, pp. 207–217. Springer, Heidelberg (2010)CrossRefGoogle Scholar
  34. 34.
    Accorsi, R., Wonnemann, C.: Detective Information Flow Analysis for Business Processes. In: Business Process and Services Computing, pp. 223–224. GI (2009)Google Scholar
  35. 35.
    Accorsi, R., Stocker, T.: On the exploitation of process mining for security audits: the conformance checking case. In: ACM Symp. Applied Computing, pp. 1709–1716. ACM (2012)Google Scholar
  36. 36.
    Accorsi, R.: Automated Privacy Audits to Complement the Notion of Control for Identity Management. In: Conference on Identity Management, pp. 39–48 (2007)Google Scholar
  37. 37.
    Accorsi, R., Stocker, T.: Automated Privacy Audits Based on Pruning of Log Data. In: Enterprise Distributed Object Computing Conference, pp. 175–182 (2008)Google Scholar
  38. 38.
    DoD, Trusted computer security evaluation criteria (1983), Website: http://csrc.nist.gov/publications/histroy/dod85.pdf
  39. 39.
    ISO/IEC, ISO/IEC Information Security Management System 27001 (2005), Website: http://www.27000.org/iso-27001.htm
  40. 40.
    Gallegos, F., Senft, S.: Information Technology Control and Audit. Auerbach Publications (2004)Google Scholar
  41. 41.
    Ristenpart, T., Tromer, E., Shacham, H., Savage, S.: Hey, you, get off of my cloud: Exploring information leakage in third-party compute clouds. In: ACM Conference on Computer and Communications Security, pp. 199–212. ACM (2009)Google Scholar
  42. 42.
    Pearce, M., Zeadally, S., Hunt, R.: Virtualization: Issues, security threats, and solutions. ACM Comput. Surv. 45(2), 17:1–17:39 (2013)Google Scholar
  43. 43.
    Chen, S., Wang, R., Wang, X., Zhang, K.: Side-channel leaks in web applications: A reality today, a challenge tomorrow. In: IEEE Symposium on Security and Privacy, pp. 191–206. IEEE (2010)Google Scholar
  44. 44.
    Subashini, S., Kavitha, V.: A survey on security issues in service delivery models of cloud computing. J. Network and Computer Applications 34(1), 1–11 (2011)CrossRefGoogle Scholar
  45. 45.
    Shabtai, A., Elovici, Y., Rokach, L.: A survey of data leakage detection and prevention solutions. Springer (2012)Google Scholar
  46. 46.
    Busi, N., Gorrieri, R.: Structural non-interference in elementary and trace nets. Mathematical Structures in Computer Science 19(6), 1065–1090 (2009)MathSciNetCrossRefzbMATHGoogle Scholar
  47. 47.
    Accorsi, R., Lehmann, A.: Automatic Information Flow Analysis of Business Process Models. In: Barros, A., Gal, A., Kindler, E. (eds.) BPM 2012. LNCS, vol. 7481, pp. 172–187. Springer, Heidelberg (2012)CrossRefGoogle Scholar
  48. 48.
    Accorsi, R., Wonnemann, C.: Forensic Leak Detection for Business Process Models. In: Peterson, G., Shenoi, S. (eds.) Advances in Digital Forensics VII. IFIP AICT, vol. 361, pp. 101–103. Springer, Heidelberg (2011)CrossRefGoogle Scholar
  49. 49.
    Accorsi, R., Wonnemann, C.: Static Information Flow Analysis of Workflow Models. ISSS/BPSC 2010: 194-205 (2010)Google Scholar
  50. 50.
    Accorsi, R., Wonnemann, C.: InDico: Information Flow Analysis of Business Processes for Confidentiality Requirements. In: ERCIM Workshop on Security and Trust Management, pp. 194–209 (2010)Google Scholar
  51. 51.
    Houy, C., Fettke, P., Loos, P., Van der Aalst, W.M.P., Krogstie, J.: Business Process Management in the Large. Business & Information Systems Engineering 3(6), 385–388 (2011)CrossRefGoogle Scholar
  52. 52.
    Khoury, R., Tawbi, N.: Corrective Enforcement: A New Paradigm of Security Policy Enforcement by Monitors. ACM Trans. Inf. Syst. Secur. 15(2), 10 (2012)CrossRefGoogle Scholar
  53. 53.
    Accorsi, R.: Business Process as a Service: Chances for Remote Auditing. In: IEEE International Computer Software and Applications Conference, pp. 398–403 (2011)Google Scholar
  54. 54.
    Stocker, T., Accorsi, R.: Security-aware Synthesis of Process Event logs. In: Workshop on Enterprise Modelling and Information Systems Architectures (to appear, 2013)Google Scholar
  55. 55.
    Koslowski, T.G., Zimmermann, C.: A Detective Approach to Process-centered Information Infrastructure Resilience. In: ERCIM Workshop on Security and Trust Management (to appear, 2013)Google Scholar
  56. 56.
    Accorsi, R.: Sicherheit im Prozessmanagement. Zeitschrift für Datenrecht und Informationssicherheit (to appear)Google Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2013

Authors and Affiliations

  • Günter Müller
    • 1
  • Rafael Accorsi
    • 1
  1. 1.Department of TelematicsUniversity of FreiburgGermany

Personalised recommendations