A systematic review on security in Process-Aware Information Systems – Constitution, challenges, and future directions

Leitner, Maria; Rinderle-Ma, Stefanie

doi:10.1016/j.infsof.2013.12.004

Cited by 55 publications

(41 citation statements)

References 66 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Evaluation is used as a criterion for the construction of business process reference models in Fettke et al (2006). Lastly, a literature review by Leitner and Rinderle-Ma (2014) states that research evaluation is a challenge in the context of security in PAIS.…”

Section: Related Workmentioning

confidence: 99%

Evaluation Methods in Process-Aware Information Systems Research with a Perspective on Human Orientation

et al. 2016

Self Cite

View full text Add to dashboard Cite

Research on process-aware information systems (PAIS) has experienced a dramatic growth in recent years. Lately, a particular increase of empirical studies and focus on human oriented research questions could be observed, leading to an expansion of applied evaluation methods in PAIS research. At the same time, it can be observed that evaluation methods are not always applied in a systematic manner and related terminology is at times used in an ambiguous way. Hence, the paper aims at investigating evaluation methods that are typically employed in PAIS research with a special focus on human orientation. The applied methodology includes a literature review, an expert survey, and a focus group. The authors present their findings as a collection of typical evaluation methods and the related PAIS artifacts. They highlight which evaluation methods are currently used and which evaluation methods could be of interest for future PAIS research efforts.

show abstract

Section: Related Workmentioning

confidence: 99%

Evaluation Methods in Process-Aware Information Systems Research with a Perspective on Human Orientation

et al. 2016

Self Cite

View full text Add to dashboard Cite

show abstract

“…The resource perspective also comprises the specification of securityrelated information at design time [23]. This implies defining the worklist and work item operations the resources are allowed to execute.…”

Section: Resource Perspective In the Development Of Paissmentioning

confidence: 99%

Defining the resource perspective in the development of processes-aware information systems

Stroppi

Chiotti

Villarreal

2015

Information and Software Technology

View full text Add to dashboard Cite

Context. The resource perspective has impact on the performance of business processes. However, current workflow management systems (WfMSs) provide disparate support to its implementation and business process modeling languages provide limited capabilities for its definition. Thus, it is difficult to specify requirements regarding this perspective and to select an appropriate WfMS to support them in order to obtain a technological solution aligned with the organizational needs.Objective. To provide support to the definition, implementation, verification and validation of resource perspective requirements in the development of Process-Aware Information Systems (PAISs) based on WfMSs.Method. The following activities were carried out: (i) identification of resource perspective aspects in executable workflow specifications, (ii) analysis of the elements provided by the BPMN modeling language to represent these aspects, (iii) development of a framework based on BPMN for defining and implementing these aspects by using the extension mechanism provided by this language, (iv) development of a model-driven development method that leverages the framework to develop PAISs, (v) demonstration of the proposed framework and method through the development of a tool supporting them, a case study, and the evaluation against the Workflow Resource Patterns.Results. A framework, a method and a tool that support the definition of the resource perspective in the development of PAISs. Conclusion. By using the proposed framework and method, practitioners are able to: define the resource perspective requirements in conceptual process models, select a WfMS as implementation platform, and define the implementation of these requirements maintaining the consistency between the conceptual process models and the workflow specifications.

show abstract

“…With the use of a visualization, we aim to support the easier identification and understanding of potential anomalies in order to evaluate insider threats (see [16]). Furthermore, the visualization should facilitate the investigation of RBAC differences such as policy updates or reconciliation.…”

Section: Visualization Of Potential Anomaliesmentioning

confidence: 99%

Anomaly detection and visualization in generative RBAC models

Leitner

Rinderle-Ma

2014

Proceedings of the 19th ACM Symposium on Access Control Models and Technologies

Self Cite

View full text Add to dashboard Cite

With the wide use of Role-based Access Control (RBAC), the need for monitoring, evaluation, and verification of RBAC implementations (e.g., to evaluate ex post which users acting in which roles were authorized to execute permissions) is evident. In this paper, we aim at detecting and identifying anomalies that originate from insiders such as the infringement of rights or irregular activities. To do that, we compare prescriptive (original) RBAC models (i.e. how the RBAC model is expected to work) with generative (currentstate) RBAC models (i.e. the actual accesses represented by an RBAC model obtained with mining techniques). For this we present different similarity measures for RBAC models and their entities. We also provide techniques for visualizing anomalies within RBAC models based on difference graphs. This can be used for the alignment of RBAC models such as for policy updates or reconciliation. The effectiveness of the approach is evaluated based on a prototypical implementation and an experiment.

show abstract

A systematic review on security in Process-Aware Information Systems – Constitution, challenges, and future directions

Cited by 55 publications

References 66 publications

Evaluation Methods in Process-Aware Information Systems Research with a Perspective on Human Orientation

Evaluation Methods in Process-Aware Information Systems Research with a Perspective on Human Orientation

Defining the resource perspective in the development of processes-aware information systems

Anomaly detection and visualization in generative RBAC models

Contact Info

Product

Resources

About