Detective Information Flow Analysis for Business Processes

10 years 23 days ago
Detective Information Flow Analysis for Business Processes
Abstract: We report on ongoing work towards a posteriori detection of illegal information flows for business processes, focusing on the challenges involved in doing so. Resembling a forensic investigation, our approach aims at analyzing the audit trails resultant from the execution of the business processes, locating informations flows that violate the (non-functional) requirements stipulated by security policies. The goal is to obtain fine-grained evidence of policy compliance with respect to information flows. Information flow (IF) characterizes the transfer of information from a classified container h to a public container l during the execution of a process [Lam73]. A "container" can be a logical or physical device, such as a process instance, network socket, or variable. An IF is labeled "illegal" whenever it violates the security policies expressing the non-functional requirements put on the execution of the process, in particular the confidentiality and nonin...
Rafael Accorsi, Claus Wonnemann
Added 08 Nov 2010
Updated 08 Nov 2010
Type Conference
Year 2009
Where BPSC
Authors Rafael Accorsi, Claus Wonnemann
Comments (0)