Pubblicazioni

Autori:

Marchesini, Simone; Vigano', Luca

Titolo:

A Hierarchy of Knowledge for the Formal Analysis of Security-Sensitive Business Processes

Anno:

2011

Tipologia prodotto:

Contributo in atti di convegno

Tipologia ANVUR:

Contributo in Atti di convegno

Lingua:

Inglese

Formato:

Elettronico

Titolo del Convegno:

6th International Conference on Risks and Security of Internet and Systems (CRiSIS)

Luogo:

Timisoara, Romania

Periodo:

26-28 settembre 2011

Casa editrice:

IEEE Computer Society

ISBN:

9781457718892

Intervallo pagine:

78-87

Parole chiave:

Computer security; business processes; formal methods

Breve descrizione dei contenuti:

Security-sensitive business processes are business processes that must comply with security requirements such as authorization constraints or separation or binding of duty. As such, they are difficult to design and notoriously prone to error, and a number of approaches have been proposed to formalizing and reasoning about models of such processes to detect potential vulnerabilities. In this paper, we present an approach that introduces the notion of knowledge for the formal analysis of security-sensitive business processes. We structure knowledge hierarchically, in different levels that can interact with each other in order to derive new information, which allows us to specify at different levels information about sets of critical tasks and thereby control the process execution and enforce security properties.

Id prodotto:

63197

Handle IRIS:

11562/367605

depositato il:

17 novembre 2012

ultima modifica:

14 novembre 2022

Citazione bibliografica:

Marchesini, Simone; Vigano', Luca, A Hierarchy of Knowledge for the Formal Analysis of Security-Sensitive Business Processes , Atti di "6th International Conference on Risks and Security of Internet and Systems (CRiSIS)" , Timisoara, Romania , 26-28 settembre 2011 , 2011 , IEEE Computer Society , pp. 78-87

Consulta la scheda completa presente nel repository istituzionale della Ricerca di Ateneo