On the exploitation of process mining for security audits: the conformance checking case
Proceedings of the 27th Annual ACM Symposium on Applied Computing
Data flow-oriented process mining to support security audits
ICSOC'11 Proceedings of the 2011 international conference on Service-Oriented Computing
Automatic information flow analysis of business process models
BPM'12 Proceedings of the 10th international conference on Business Process Management
On the exploitation of process mining for security audits: the process discovery case
Proceedings of the 28th Annual ACM Symposium on Applied Computing
Hi-index | 0.00 |
This paper presents RecIF, a forensic technique for the analysis of business process logs to detect illegal data flows. RecIF uses propagation graphs to formally capture the data flow within a process execution. Abstracting away from the concrete traces, propagation graphs are analyzed with extensional data flow policies that denote what -- instead of how -- relevant industrial requirements, e.g. Chinese Wall and separation of duty constraints, are to be achieved. An example and the corresponding runtime figures demonstrate the feasibility of the approach.