On the exploitation of process mining for security audits: the conformance checking case

Authors:
Rafael Accorsi;Thomas Stocker
Affiliations:
University of Freiburg, Germany;University of Freiburg, Germany
Venue:
Proceedings of the 27th Annual ACM Symposium on Applied Computing
Year:
2012

Citing 17
Cited 4

Separation of duties for access control enforcement in workflow environments

IBM Systems Journal - End-to-end security
Workflow Mining: Discovering Process Models from Event Logs

IEEE Transactions on Knowledge and Data Engineering
Distributed usage control

Communications of the ACM - Privacy and security in highly dynamic systems
Viewing business-process security from different perspectives

International Journal of Electronic Commerce - Special issue: Developing the business components of the digital economy
Conformance checking of processes based on monitoring real behavior

Information Systems
IT Audit: A Critical Business Process

Computer
Guidelines for conducting and reporting case study research in software engineering

Empirical Software Engineering
Petri Net Transformations for Business Processes --- A Survey

Transactions on Petri Nets and Other Models of Concurrency II
On PDG-based noninterference and its modular proof

Proceedings of the ACM SIGPLAN Fourth Workshop on Programming Languages and Analysis for Security
Auditing 2.0: Using Process Mining to Support Tomorrow's Auditor

Computer
Hyperproperties

Journal of Computer Security - 7th International Workshop on Issues in the Theory of Security (WITS'07)
Strong non-leak guarantees for workflow models

Proceedings of the 2011 ACM Symposium on Applied Computing
Towards Forensic Data Flow Analysis of Business Process Logs

IMF '11 Proceedings of the 2011 Sixth International Conference on IT Security Incident Management and IT Forensics
SWAT: A Security Workflow Analysis Toolkit for Reliably Secure Process-aware Information Systems

ARES '11 Proceedings of the 2011 Sixth International Conference on Availability, Reliability and Security
Process mining and verification of properties: an approach based on temporal logic

OTM'05 Proceedings of the 2005 Confederated international conference on On the Move to Meaningful Internet Systems - Volume >Part I
The prom framework: a new era in process mining tool support

ICATPN'05 Proceedings of the 26th international conference on Applications and Theory of Petri Nets
Access control: principle and practice

IEEE Communications Magazine

Context-Aware compliance checking

BPM'12 Proceedings of the 10th international conference on Business Process Management
On the exploitation of process mining for security audits: the process discovery case

Proceedings of the 28th Annual ACM Symposium on Applied Computing
Information behaving badly

Proceedings of the 2013 workshop on New security paradigms workshop
A systematic review on security in Process-Aware Information Systems - Constitution, challenges, and future directions

Information and Software Technology

Quantified Score

Hi-index	0.00

Visualization

Abstract

Process mining stands for a set of techniques to analyze business process models and logs. However, the extent to which it can be used for security auditing has not been investigated. Focusing on conformance checking and its support in ProM, this paper reports on a case-study in the financial sector applying this technology for the auditing of relevant security requirements. Although the vast majority of requirements could be verified, we notice a large manual effort to carry out the analysis. Moreover, we identify a class of security requirements that demands process discovery for analysis, and elaborate on ways in which process mining could be extended to better suit security analyses.