Coloured Petri Nets: a high level language for system design and analysis
APN 90 Proceedings on Advances in Petri nets 1990
An extended Petri net model for supporting workflow in a multilevel secure environment
Proceedings of the tenth annual IFIP TC11/WG11.3 international conference on Database security: volume X : status and prospects: status and prospects
Modeling and Analysis of Workflows Using Petri Nets
Journal of Intelligent Information Systems - Special issue on workflow management systems
A note on the confinement problem
Communications of the ACM
A Chinese wall security model for decentralized workflow systems
CCS '01 Proceedings of the 8th ACM conference on Computer and Communications Security
An Authorization Model for Workflows
ESORICS '96 Proceedings of the 4th European Symposium on Research in Computer Security: Computer Security
Non-Interference: Who Needs It?
CSFW '01 Proceedings of the 14th IEEE workshop on Computer Security Foundations
Dimensions and Principles of Declassification
CSFW '05 Proceedings of the 18th IEEE workshop on Computer Security Foundations
Queue - Compliance
Formulating the Data-Flow Perspective for Business Process Management
Information Systems Research
Modelling work distribution mechanisms using Colored Petri Nets
International Journal on Software Tools for Technology Transfer (STTT)
Analyzing Regulatory Rules for Privacy and Security Requirements
IEEE Transactions on Software Engineering
Petri Net Transformations for Business Processes --- A Survey
Transactions on Petri Nets and Other Models of Concurrency II
Petri Net Security Checker: Structural Non-interference at Work
Formal Aspects in Security and Trust
Data-Flow Anti-patterns: Discovering Data-Flow Errors in Workflows
CAiSE '09 Proceedings of the 21st International Conference on Advanced Information Systems Engineering
Verifying the Interplay of Authorization Policies and Workflow in Service-Oriented Architectures
CSE '09 Proceedings of the 2009 International Conference on Computational Science and Engineering - Volume 03
Structural non-interference in elementary and trace nets
Mathematical Structures in Computer Science
Using control patterns in business processes compliance
WISE'07 Proceedings of the 2007 international conference on Web information systems engineering
A feature-complete Petri net semantics for WS-BPEL 2.0
WS-FM'07 Proceedings of the 4th international conference on Web services and formal methods
Information flow analysis of scientific workflows
Journal of Computer and System Sciences
Strong non-leak guarantees for workflow models
Proceedings of the 2011 ACM Symposium on Applied Computing
Vulnerability Analysis in SOA-Based Business Processes
IEEE Transactions on Services Computing
WofBPEL: a tool for automated analysis of BPEL processes
ICSOC'05 Proceedings of the Third international conference on Service-Oriented Computing
Satisfiability and resiliency in workflow systems
ESORICS'07 Proceedings of the 12th European conference on Research in Computer Security
Strong non-leak guarantees for workflow models
Proceedings of the 2011 ACM Symposium on Applied Computing
Data flow-oriented process mining to support security audits
ICSOC'11 Proceedings of the 2011 international conference on Service-Oriented Computing
Automatic information flow analysis of business process models
BPM'12 Proceedings of the 10th international conference on Business Process Management
| Hi-index | 0.00 |
This paper presents InDico, an approach for the automated analysis of business processes against confidentiality requirements. InDico is motivated by the fact that in spite of the correct deployment of access control mechanisms, information leaks in automated business processes can persist due to erroneous process design. InDico employs a meta-model based on Petri nets to formalize and analyze business processes, thereby enabling the identification of leaks caused by a flawed process design.