License: Creative Commons Attribution 4.0 International license (CC BY 4.0)
When quoting this document, please refer to the following
DOI: 10.4230/DagSemProc.10141.4
URN: urn:nbn:de:0030-drops-27167
URL: http://dagstuhl.sunsite.rwth-aachen.de/volltexte/2010/2716/


Accorsi, Rafael ; Müller, Günter

FORTES: Forensic Information Flow Analysis of Business Processes

pdf-format:
10141.AccorsiRafael.ExtAbstract.2716.pdf (0.1 MB)


Abstract

Nearly 70% of all business processes in use today rely on automated workflow systems for their execution. Despite the growing expenses in the design of advanced tools for secure and compliant deployment of workflows, an exponential growth of dependability incidents persists. Concepts beyond access control focusing on information flow control offer new paradigms to design security mechanisms for reliable and secure IT-based workflows.

This talk presents FORTES, an approach for the forensic analysis of information flow properties. FORTES claims that information flow control can be made usable as a core of an audit-control system. For this purpose, it reconstructs workflow models from secure log files (i.e., execution traces) and, applying security policies, analyzes the information flows to distinguish security-relevant from security-irrelevant information flows. FORTES thus cannot prevent security policy violations but, by detecting them with well-founded analysis, improves the precision of audit controls and the generated certificates.

BibTeX - Entry

@InProceedings{accorsi_et_al:DagSemProc.10141.4,
  author =	{Accorsi, Rafael and M\"{u}ller, G\"{u}nter},
  title =	{{FORTES: Forensic Information Flow Analysis of Business Processes}},
  booktitle =	{Distributed Usage Control},
  pages =	{1--3},
  series =	{Dagstuhl Seminar Proceedings (DagSemProc)},
  ISSN =	{1862-4405},
  year =	{2010},
  volume =	{10141},
  editor =	{Sandro Etalle and Alexander Pretschner and Ravi S. Sandhu and Marianne Winslett},
  publisher =	{Schloss Dagstuhl -- Leibniz-Zentrum f{\"u}r Informatik},
  address =	{Dagstuhl, Germany},
  URL =		{https://drops.dagstuhl.de/opus/volltexte/2010/2716},
  URN =		{urn:nbn:de:0030-drops-27167},
  doi =		{10.4230/DagSemProc.10141.4},
  annote =	{Keywords: Audit, Information flow analysis, business processes}
}

Keywords: Audit, Information flow analysis, business processes
Collection: 10141 - Distributed Usage Control
Issue Date: 2010
Date of publication: 05.08.2010

