DocumentCode
2071045
Title
A hierarchy of knowledge for the formal analysis of security-sensitive business processes
Author
Marchesini, Simone ; Viganò, Luca
Author_Institution
Dipt. di Inf., Univ. di Verona, Verona, Italy
fYear
2011
fDate
26-28 Sept. 2011
Firstpage
1
Lastpage
10
Abstract
Security-sensitive business processes are business processes that must comply with security requirements such as authorization constraints or separation or binding of duty. As such, they are difficult to design and notoriously prone to error, and a number of approaches have been proposed for formalizing and reasoning about models of such processes to detect potential vulnerabilities. In this paper, we present an approach that introduces the notion of knowledge for the formal analysis of security-sensitive business processes. We structure knowledge hierarchically, in different levels that can interact with each other in order to derive new information, which allows us to specify at different levels information about sets of critical tasks and thereby control the process execution and enforce security properties.
Keywords
authorisation; business data processing; knowledge management; authorization constraint; formal analysis; knowledge hierarchy; process execution; security property; security requirement; security-sensitive business process; Business; Concrete; Data preprocessing; Logic gates; Process control; Security; Silicon;
fLanguage
English
Publisher
ieee
Conference_Titel
Risk and Security of Internet and Systems (CRiSIS), 2011 6th International Conference on
Conference_Location
Timisoara
Print_ISBN
978-1-4577-1890-8
Electronic_ISBN
978-1-4577-1889-2
Type
conf
DOI
10.1109/CRiSIS.2011.6061840
Filename
6061840