Skip to main content
SpringerLink
Log in

Time-Based Trace Clustering for Evolution-Aware Security Audits

  • Conference paper
Business Process Management Workshops (BPM 2011)

Part of the book series: Lecture Notes in Business Information Processing ((LNBIP,volume 100))

Included in the following conference series:

Abstract

This paper proposes a novel trace clustering approach for workflow mining to allow for security audits that regard the evolution of process models along time. Specifically, the trace-clustering method allows auditors to distinguish between different “active” process variants within a timeframe, thereby allowing the visualization of the process evolution. Separately analyzing subsequent process variants allows auditors to localize time-frames and corresponding models for identified vulnerabilities and thus more sophisticated security audits.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 39.99
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. Accorsi, R.: Business process as a service: Chances for remote auditing. In: IEEE Computer Software and Applications Conference (to appear, 2011)

    Google Scholar 

  2. Accorsi, R., Wonnemann, C.: Strong non-leak guarantees for workflow models. In: ACM Symposium on Applied Computing (SAC), pp. 308–314 (2011)

    Google Scholar 

  3. Adam, N., Atluri, V., Huang, W.: Modeling and analysis of workflows using petri nets. Journal of Intelligent Information Systems 10(2), 131–158 (1998)

    Article  Google Scholar 

  4. Atluri, V., Warner, J.: Security for workflow systems. In: Handbook of Database Security, pp. 213–230. Springer, Heidelberg (2008)

    Chapter  Google Scholar 

  5. Jagadeesh Chandra Bose, R.P., van der Aalst, W.: Trace Alignment in Process Mining: Opportunities for Process Diagnostics. In: Hull, R., Mendling, J., Tai, S. (eds.) BPM 2010. LNCS, vol. 6336, pp. 227–242. Springer, Heidelberg (2010)

    Chapter  Google Scholar 

  6. Jagadeesh Chandra Bose, R.P., van der Aalst, W.M.P., Žliobaitė, I., Pechenizkiy, M.: Handling Concept Drift in Process Mining. In: Mouratidis, H., Rolland, C. (eds.) CAiSE 2011. LNCS, vol. 6741, pp. 391–405. Springer, Heidelberg (2011)

    Chapter  Google Scholar 

  7. Cummins, F.: BPM meets SOA. In: Handbook on Business Process Management 1, pp. 461–479 (2010)

    Google Scholar 

  8. de Medeiros, A.K.A., Guzzo, A., Greco, G., van der Aalst, W.M.P., Weijters, A.J.M.M., van Dongen, B.F., Saccà, D.: Process Mining Based on Clustering: A Quest for Precision. In: ter Hofstede, A.H.M., Benatallah, B., Paik, H.-Y. (eds.) BPM Workshops 2007. LNCS, vol. 4928, pp. 17–29. Springer, Heidelberg (2008)

    Chapter  Google Scholar 

  9. Greco, G., Guzzo, A., Pontieri, L., Saccà, D.: Discovering expressive process models by clustering log traces. IEEE Transactions on Knowledge and Data Engineering 18(8), 1010–1027 (2006)

    Article  Google Scholar 

  10. Günther, C., Rinderle-Ma, S., Reichert, M., van der Aalst, W.M.P., Recker, J.: Using process mining to learn from process changes in evolutionary systems. Business Process Integration and Management 1, 111 (2007)

    Google Scholar 

  11. Lakshmanan, G., Keyser, P., Duan, S.: Detecting changes in a semi-structured business process through spectral graph analysis. In: IEEE Conference of Data Engineering Workshops, pp. 255–260 (2011)

    Google Scholar 

  12. Lowis, L., Accorsi, R.: Finding vulnerabilities in SOA-based business processes. IEEE Transactions on Service Computing (to appear, 2011)

    Google Scholar 

  13. Sayana, A.: Using CAATs to support IS audit. Information Systems Control Journal (2003)

    Google Scholar 

  14. Song, M., Günther, C.W., van der Aalst, W.M.P.: Trace Clustering in Process Mining. In: Ardagna, D., Mecella, M., Yang, J. (eds.) BPM 2008 Workshops. LNBIP, vol. 17, pp. 109–120. Springer, Heidelberg (2009)

    Chapter  Google Scholar 

  15. Teeter, R., Alles, M., Vasarhelyi, M.: Remote Audit: A research framework. Journal of Emerging Technology in Accounting (to appear)

    Google Scholar 

  16. van der Aalst, W.M.P., Weijters, T., Maruster, L.: Workflow mining: Discovering process models from event logs. IEEE Trans. Knowl. Data Eng. 16(9), 1128–1142 (2004)

    Article  Google Scholar 

  17. van der Aalst, W.M.P., ter Hofstede, A.H.M., Weske, M.: Business Process Management: A Survey. In: van der Aalst, W.M.P., ter Hofstede, A.H.M., Weske, M. (eds.) BPM 2003. LNCS, vol. 2678, pp. 1–12. Springer, Heidelberg (2003)

    Chapter  Google Scholar 

  18. van Dongen, B.F., van der Aalst, W.M.P.: Multi-phase process mining: Aggregating instance graphs into EPCs and Petri nets. In: PNCWB Workshop, pp. 35–58 (2005)

    Google Scholar 

  19. van Dongen, B.F., van der Aalst, W.M.P.: Multi-phase Process Mining: Building Instance Graphs. In: Atzeni, P., Chu, W., Lu, H., Zhou, S., Ling, T.-W. (eds.) ER 2004. LNCS, vol. 3288, pp. 362–376. Springer, Heidelberg (2004)

    Chapter  Google Scholar 

  20. Wei, Y., Blake, M.B.: Service-oriented computing and cloud computing: Challenges and opportunities. IEEE Internet Computing 14, 72–75 (2010)

    Article  Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Albert-Ludwigs-Universität Freiburg, Germany

    Thomas Stocker

Authors
  1. Thomas Stocker
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. University of Trento, Povo, Italy

    Florian Daniel

  2. CNAM-CEDRIC, Paris, France

    Kamel Barkaoui

  3. Vienna University of Technology, Vienna, Austria

    Schahram Dustdar

Rights and permissions

Reprints and permissions

Copyright information

© 2012 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Stocker, T. (2012). Time-Based Trace Clustering for Evolution-Aware Security Audits. In: Daniel, F., Barkaoui, K., Dustdar, S. (eds) Business Process Management Workshops. BPM 2011. Lecture Notes in Business Information Processing, vol 100. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-28115-0_45

Download citation

  • DOI: https://doi.org/10.1007/978-3-642-28115-0_45

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-642-28114-3

  • Online ISBN: 978-3-642-28115-0

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation