Skip to main content

Advertisement

SpringerLink
Log in
Menu
Find a journal Publish with us
Search
Cart
Book cover

International Conference on Service-Oriented Computing

ICSOC 2011: Service-Oriented Computing - ICSOC 2011 Workshops pp 171–176Cite as

  1. Home
  2. Service-Oriented Computing - ICSOC 2011 Workshops
  3. Conference paper
Data Flow-Oriented Process Mining to Support Security Audits

Data Flow-Oriented Process Mining to Support Security Audits

  • Thomas Stocker26 
  • Conference paper
  • 1359 Accesses

  • 2 Citations

Part of the Lecture Notes in Computer Science book series (LNPSE,volume 7221)

Abstract

The automated execution of dynamically-evolving business processes in service-oriented architectures requires audit methods to assert that they fulfill required security properties. Process mining techniques can provide models for the actual process behavior, but mostly disregard the dynamics of processes running in highly flexible environments and neglect the data flow perspective. This research plan is on novel data-oriented mining techniques to tackle these shortcomings in order to support effective security audits.

Keywords

  • Business Process
  • Research Plan
  • Business Process Management
  • Covert Channel
  • Process Mining Technique

These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.

Download conference paper PDF

References

  1. Accorsi, R.: Business process as a service: Chances for remote auditing. In: IEEE Computer Software and Applications Conference (2011)

    Google Scholar 

  2. Accorsi, R., Wonnemann, C.: Strong non-leak guarantees for workflow models. In: ACM Symposium on Applied Computing, pp. 308–314. ACM (2011)

    Google Scholar 

  3. Accorsi, R., Wonnemann, C.: InDico: Information Flow Analysis of Business Processes for Confidentiality Requirements. In: Cuellar, J., Lopez, J., Barthe, G., Pretschner, A. (eds.) STM 2010. LNCS, vol. 6710, pp. 194–209. Springer, Heidelberg (2011)

    CrossRef  Google Scholar 

  4. Accorsi, R., Wonnemann, C., Dochow, S.: SWAT: A security analysis toolkit for reliably process-aware information systems. In: Workshop on Security Aspects of Process-aware Information. IEEE

    Google Scholar 

  5. Accorsi, R., Wonnemann, C., Stocker, T.: Towards forensic data flow analysis of business process logs. In: Proceedings the IEEE Conference on Incident Management and Forensics. IEEE Computer Society (2011)

    Google Scholar 

  6. Adam, N., Atluri, V., Huang, W.: Modeling and analysis of workflows using petri nets. Intelligent Information Systems 10(2), 131–158 (1998)

    CrossRef  Google Scholar 

  7. Atluri, V., Warner, J.: Security for workflow systems. In: Handbook of Database Security, pp. 213–230 (2008)

    Google Scholar 

  8. Cummins, F.: BPM meets SOA. In: Handbook on Business Process Management 1. International Handbooks on Information Systems, pp. 461–479 (2010)

    Google Scholar 

  9. Curbera, F., Doganata, Y., Martens, A., Mukhi, N.K., Slominski, A.: Business Provenance – A Technology to Increase Traceability of End-to-End Operations. In: Meersman, R., Tari, Z. (eds.) OTM 2008, Part I. LNCS, vol. 5331, pp. 100–119. Springer, Heidelberg (2008)

    CrossRef  Google Scholar 

  10. de Medeiros, A.K.A., Guzzo, A., Greco, G., van der Aalst, W.M.P., Weijters, A.J.M.M., van Dongen, B.F., Saccà, D.: Process Mining Based on Clustering: A Quest for Precision. In: ter Hofstede, A.H.M., Benatallah, B., Paik, H.-Y. (eds.) BPM Workshops 2007. LNCS, vol. 4928, pp. 17–29. Springer, Heidelberg (2008)

    CrossRef  Google Scholar 

  11. Greco, G., Guzzo, A., Pontieri, L., Saccà, D.: Discovering expressive process models by clustering log traces. IEEE Transactions on Knowledge and Data Engineering 18(8), 1010–1027 (2006)

    CrossRef  Google Scholar 

  12. Lowis, L., Accorsi, R.: Finding vulnerabilities in SOA-based business processes. IEEE Transactions on Service Computing (2011) (to appear)

    Google Scholar 

  13. McHugh, J.: Handbook for the Computer Security Certification of Trusted Systems. Naval Research Laboratory (1995)

    Google Scholar 

  14. Sayana, A.: Using CAATs to support IS audit. Information Systems Control Journal, 1 (2003)

    Google Scholar 

  15. Song, M., Günther, C.W., van der Aalst, W.M.P.: Trace Clustering in Process Mining. In: Ardagna, D., Mecella, M., Yang, J. (eds.) BPM 2008 Workshops. LNBIP, vol. 17, pp. 109–120. Springer, Heidelberg (2009)

    CrossRef  Google Scholar 

  16. Stocker, T.: Time-Based Trace Clustering for Evolution-Aware Security Audits. In: Daniel, F., Barkaoui, K., Dustdar, S. (eds.) BPM Workshops 2011, Part II. LNBIP, vol. 100, pp. 471–476. Springer, Heidelberg (2012)

    CrossRef  Google Scholar 

  17. Teeter, R., an Miklos Vasarhelyi, M.: Remote auditing: A research framework. Journal of Emerging Technology in Accounting (to appear)

    Google Scholar 

  18. van der Aalst, W., Weijters, T., Maruster, L.: Workflow mining: discovering process models from event logs. IEEE Transactions on Knowledge and Data Engineering 16(9), 1128–1142 (2004)

    CrossRef  Google Scholar 

  19. van der Aalst, W.M.P., ter Hofstede, A.H.M., Weske, M.: Business Process Management: A Survey. In: van der Aalst, W.M.P., ter Hofstede, A.H.M., Weske, M. (eds.) BPM 2003. LNCS, vol. 2678, pp. 1–12. Springer, Heidelberg (2003)

    CrossRef  Google Scholar 

  20. Wei, Y., Blake, M.: Service-oriented computing and cloud computing: Challenges and opportunities. IEEE Internet Computing 14, 72–75 (2010)

    CrossRef  Google Scholar 

Download references

Author information

Authors and Affiliations

  1. University of Freiburg, Germany

    Thomas Stocker

Authors
  1. Thomas Stocker
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. Computer Science, University of Cyprus, University of Cyprus Campus, 1678, Nicosia, Cyprus

    George Pallis

  2. National School of Engineers of Sfax, University of Sfax, B.P. 1173, 3038, Sfax, Tunisia

    Mohamed Jmaiel

  3. SAP Darmstadt, Darmstadt, Germany

    Anis Charfi

  4. Sevices Research Lab., HP Labs, 94304, Palo Alto, CA, USA

    Sven Graupner

  5. SAP, Palo Alto, CA, USA

    Yücel Karabulut

  6. Dipartimento di Elettronica e Informazione, Politecnico di Milano, Piazza L. da Vinci 32, 20133, Milano, Italy

    Sam Guinea

  7. IBM T.J. Watson Research Center, USA

    Florian Rosenberg

  8. Department of Computer Science, Adelaide University, 5005, Adelaide, SA, Australia

    Quan Z. Sheng

  9. Faculty of Informatics, University of Lugano, G. Buffi 13, 6904, Lugano, Switzerland

    Cesare Pautasso

  10. LIRIS, CNRS, 20 ave. Albert Einstein, 69621, Villeurbanne, France

    Sonia Ben Mokhtar

Rights and permissions

Reprints and Permissions

Copyright information

© 2012 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Stocker, T. (2012). Data Flow-Oriented Process Mining to Support Security Audits. In: Pallis, G., et al. Service-Oriented Computing - ICSOC 2011 Workshops. ICSOC 2011. Lecture Notes in Computer Science, vol 7221. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-31875-7_18

Download citation

  • .RIS
  • .ENW
  • .BIB
  • DOI: https://doi.org/10.1007/978-3-642-31875-7_18

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-642-31874-0

  • Online ISBN: 978-3-642-31875-7

  • eBook Packages: Computer ScienceComputer Science (R0)

Share this paper

Anyone you share the following link with will be able to read this content:

Sorry, a shareable link is not currently available for this article.

Provided by the Springer Nature SharedIt content-sharing initiative

Search

Navigation

  • Find a journal
  • Publish with us

Discover content

  • Journals A-Z
  • Books A-Z

Publish with us

  • Publish your research
  • Open access publishing

Products and services

  • Our products
  • Librarians
  • Societies
  • Partners and advertisers

Our imprints

  • Springer
  • Nature Portfolio
  • BMC
  • Palgrave Macmillan
  • Apress
  • Your US state privacy rights
  • Accessibility statement
  • Terms and conditions
  • Privacy policy
  • Help and support

167.114.118.210

Not affiliated

Springer Nature

© 2023 Springer Nature