Publications

A Hierarchy of Knowledge for the Formal Analysis of Security-Sensitive Business Processes  (2011)

Authors:
Marchesini S.; Vigano' L.
Title:
A Hierarchy of Knowledge for the Formal Analysis of Security-Sensitive Business Processes
Year:
2011
Type of item:
Contributo in atti di convegno
Tipologia ANVUR:
Contributo in Atti di convegno
Nations of authors:
ITALIA
Language:
Inglese
Format:
Elettronico
Congresso:
6th International Conference on Risks and Security of Internet and Systems (CRiSIS)
Place:
Timisoara, Romania
Period:
26-28 settembre 2011
Publisher:
IEEE Computer Society
ISBN:
9781457718892
Page numbers:
78-87
Keyword:
Computer security, business processes, formal methods
Short description of contents:
Security-sensitive business processes are business processes that must comply with security requirements such as authorization constraints or separation or binding of duty. As such, they are difficult to design and notoriously prone to error, and a number of approaches have been proposed to formalizing and reasoning about models of such processes to detect potential vulnerabilities. In this paper, we present an approach that introduces the notion of knowledge for the formal analysis of security-sensitive business processes. We structure knowledge hierarchically, in different levels that can interact with each other in order to derive new information, which allows us to specify at different levels information about sets of critical tasks and thereby control the process execution and enforce security properties.
Product ID:
63197
Handle IRIS:
11562/367605
Deposited On:
November 17, 2012
Last Modified:
November 2, 2016
Bibliographic citation:
Marchesini S.; Vigano' L., A Hierarchy of Knowledge for the Formal Analysis of Security-Sensitive Business ProcessesProceedings of "6th International Conference on Risks and Security of Internet and Systems (CRiSIS)" , Timisoara, Romania , 26-28 settembre 2011 , 2011IEEE Computer Societypp. 78-87

Consulta la scheda completa presente nel repository istituzionale della Ricerca di Ateneo IRIS

Related projects
Title Department Managers
SPaCIoS: Secure Provision and Consumption in the Internet of Services Department Informatica Luca Vigano'
<<back

Activities

Research facilities