基于风险的业务流程执行分析

Proceedings of the Sixth ACM Conference on Data and Application Security and Privacy Pub Date : 2016-03-09 DOI:10.1145/2857705.2857742

M. Alizadeh, Nicola Zannone

{"title":"基于风险的业务流程执行分析","authors":"M. Alizadeh, Nicola Zannone","doi":"10.1145/2857705.2857742","DOIUrl":null,"url":null,"abstract":"Organizations need to monitor their business processes to ensure that what actually happens in the system is compliant with the prescribed behavior. Deviations from the prescribed behavior may correspond to violations of security requirements and expose organizations to severe risks. Thus, it is crucial for organizations to detect and address nonconforming behavior as early as possible. In this paper, we present an auditing framework that facilitates the analysis of process executions by detecting nonconforming behaviors and ranking them with respect to their criticality. Our framework employs conformance checking techniques to detect possible explanations of nonconformity. Based on such explanations, the framework assesses the criticality of nonconforming process executions based on historical logging data and context information.","PeriodicalId":377412,"journal":{"name":"Proceedings of the Sixth ACM Conference on Data and Application Security and Privacy","volume":"10 2","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2016-03-09","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"5","resultStr":"{\"title\":\"Risk-based Analysis of Business Process Executions\",\"authors\":\"M. Alizadeh, Nicola Zannone\",\"doi\":\"10.1145/2857705.2857742\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Organizations need to monitor their business processes to ensure that what actually happens in the system is compliant with the prescribed behavior. Deviations from the prescribed behavior may correspond to violations of security requirements and expose organizations to severe risks. Thus, it is crucial for organizations to detect and address nonconforming behavior as early as possible. In this paper, we present an auditing framework that facilitates the analysis of process executions by detecting nonconforming behaviors and ranking them with respect to their criticality. Our framework employs conformance checking techniques to detect possible explanations of nonconformity. Based on such explanations, the framework assesses the criticality of nonconforming process executions based on historical logging data and context information.\",\"PeriodicalId\":377412,\"journal\":{\"name\":\"Proceedings of the Sixth ACM Conference on Data and Application Security and Privacy\",\"volume\":\"10 2\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2016-03-09\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"5\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"Proceedings of the Sixth ACM Conference on Data and Application Security and Privacy\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1145/2857705.2857742\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"Proceedings of the Sixth ACM Conference on Data and Application Security and Privacy","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1145/2857705.2857742","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 5

摘要

组织需要监视他们的业务流程，以确保系统中实际发生的事情符合规定的行为。对规定行为的偏离可能对应于对安全需求的违反，并使组织暴露于严重的风险中。因此，组织尽早发现和处理不符合行为是至关重要的。在本文中，我们提出了一个审核框架，该框架通过检测不符合行为并根据其严重性对其进行排序来促进过程执行的分析。我们的框架采用一致性检查技术来检测不一致性的可能解释。基于这些解释，该框架基于历史日志数据和上下文信息评估不符合过程执行的严重性。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

查看原文本刊更多论文

Risk-based Analysis of Business Process Executions

Organizations need to monitor their business processes to ensure that what actually happens in the system is compliant with the prescribed behavior. Deviations from the prescribed behavior may correspond to violations of security requirements and expose organizations to severe risks. Thus, it is crucial for organizations to detect and address nonconforming behavior as early as possible. In this paper, we present an auditing framework that facilitates the analysis of process executions by detecting nonconforming behaviors and ranking them with respect to their criticality. Our framework employs conformance checking techniques to detect possible explanations of nonconformity. Based on such explanations, the framework assesses the criticality of nonconforming process executions based on historical logging data and context information.

求助全文

通过发布文献求助，成功后即可免费获取论文全文。去求助

来源期刊

Proceedings of the Sixth ACM Conference on Data and Application Security and Privacy

自引率

0.00%

发文量