Designing secure business processes with SecBPMN

  • Theme Section Paper
Software & Systems Modeling

Abstract

Modern information systems are increasingly large and consist of an interplay of technical components and social actors (humans and organizations). Such interplay threatens the security of the overall system and calls for verification techniques that enable determining compliance with security policies. Existing verification frameworks either have a limited expressiveness that inhibits the specification of real-world requirements or rely on formal languages that are difficult to use for most analysts. In this paper, we overcome the limitations of existing approaches by presenting the SecBPMN framework. Our proposal includes: (1) the SecBPMN-ml modeling language, a security-oriented extension of BPMN for specifying composite information systems; (2) the SecBPMN-Q query language for representing security policies; and (3) a query engine that enables checking SecBPMN-Q policies against SecBPMN-ml specifications. We evaluate our approach by studying its understandability and perceived complexity with experts, running scalability analysis of the query engine, and through an application to a large case study concerning air traffic management.

Notes

  1. The System Wide Information Management (SWIM) [15] is a next-generation communication system for the secure exchange of information among ATM decision makers.

  2. The low-level (software and hardware) functions that implement the controls imposed by the policy [50].

  3. www.aniketos.eu.

References

  1. Atluri, V., Huang, W.: An extended Petri net model for supporting workflows in a multilevel secure environment. In: Samarati, P., Sandhu, R. (eds.) Database Security X: Status and Prospects, pp. 199–216. Chapman and Hall, London (1996)

  2. Awad, A.: BPMN-Q: a language to query business processes. In: EMISA, vol. P-119, pp. 115–128 (2007)

  3. Awad, A.: A Compliance Management Framework for Business Process Models. Ph.D. thesis (2010)

  4. Basili, V.R., Caldiera, G., Rombach, D.H.: The Goal Question Metric Approach. Wiley, New York (1994)

  5. Beeri, C., Eyal, A., Kamenkovich, S., Milo, T.: Querying business processes with BP-QL. Inf. Syst. 33(6), 477–507 (2008)

  6. Blanc, X., Mougenot, A., Mounier, I., Mens, T.: Incremental detection of model inconsistencies based on model operations. In: Proceedings of the CAiSE, pp. 32–46 (2009)

  7. Brucker, A.D., Hang, I., Lückemeyer, G., Ruparel, R.: SecureBPMN: modeling and enforcing access control requirements in business processes. In: Proceedings of the SACMAT, pp. 123–126 (2012)

  8. Cherdantseva, Y., Hilton, J.: A reference model of information assurance and security. In: Proceedings of the ARES, pp. 546–555 (2013)

  9. Clocksin, W., Mellish, C.: Programming in PROLOG. Springer, Berlin (2003)

  10. Dalpiaz, F., Giorgini, P., Mylopoulos, J.: Adaptive socio-technical systems: a requirements-driven approach. Requir. Eng. 18(1), 1–24 (2013)

  11. Delfmann, P., Dietrich, H., Havel, J., Steinhorst, M.: A language-independent model query tool. In: Proceedings of the DESRIST, pp. 453–457 (2014)

  12. Deutch, D., Milo, T.: Querying structural and behavioral properties of business processes. In: Proceedings of the DPL, pp. 169–185 (2007)

  13. Dumas, M., Hofstede, A.H.M.: UML activity diagrams as a workflow specification language. In: Proceedings of the UML, pp. 76–90 (2001)

  14. Emerson, E.A., Halpern, J.Y.: Decision procedures and expressiveness in the temporal logic of branching time. In: Proc. of STOC, pp. 169–180 (1982)

  15. Federal Aviation Administration: SWIM ATM Case Study, last visited March 2014. http://www.faa.gov/about/office_org/headquarters_offices/ato/service_units/techops/atc_comms_services/swim/ (2014)

  16. Ferraiolo, D., Cugini, J., Richard Kuhn, D.: Role-Based Access Control (RBAC): Features and Motivations. In: Proceedings of 11th Annual Computer Security Application Conference, pp. 241–248 (1995)

  17. Firesmith, D.: Specifying reusable security requirements. J. Object Technol. 3(1), 61–75 (2004)

  18. Ghose, A., Koliadis, G.: Auditing business process compliance. In: Proceedings of the ISOC, pp. 169–180 (2007)

  19. Gruhn, V., Laue, R.: A heuristic method for detecting problems in business process models. Bus. Process Manag. J. 16(5), 806–821 (2010)

  20. Hofstede, A., Ouyang, C., La Rosa, M., Song, L., Wang, J., Polyvyanyy, A.: APQL: a process-model query language. In: Proceedings of the Asia-Pacific Business Process Management, vol. 159, pp. 23–38 (2013)

  21. ISACA: An Introduction to the Business Model for Information Security. Technical report (2009). http://www.isaca.org/Knowledge-Center/Research/Documents/Introduction-to-the-Business-Model-for-Information-Security_res_Eng_0109.pdf

  22. Josang, A., Ismail, R., Boyd, C.: A survey of trust and reputation systems for online service provision. Decis. Support Syst. 43(2), 618–644 (2007)

  23. Jurjens, J.: UMLsec: extending UML for secure systems development. In: Proceedings of the UML, pp. 412–425 (2002)

  24. Kharbili, M.E., de Medeiros, A.K.A., Stein, S., van der Aalst, W.M.P.: Business process compliance checking: current state and future challenges. In: Loos, P., Nüttgens, M., Turowski, K., Werth, D. (eds.) MobIS, LNI, vol. 141, pp. 107–113. GI (2008)

  25. Leitner, M., Miller, M., Rinderle-Ma, S.: An analysis and evaluation of security aspects in the business process model and notation. In: Proceedings of the ARES, pp. 262–267 (2013)

  26. Leitner, M., Rinderle-Ma, S.: A systematic review on security in process-aware information systems—constitution, challenges, and future directions. Inf. Softw. Technol. 56(3), 273–293 (2014)

  27. Leitner, M., Schefer-Wenzl, S., Rinderle-Ma, S., Strembeck, M.: An experimental study on the design and modeling of security concepts in business processes. In: Proceedings of the PoEM, pp. 236–250 (2013)

  28. Li, J., Mirkovic, J., Wang, M., Reiher, P., Zhang, L.: SAVE: source address validity enforcement protocol. In: Proceedings of the INFOCOM, vol. 3, pp. 1557–1566 (2002)

  29. Li, N., Tripunitara, M.V., Bizri, Z.: On mutually exclusive roles and separation-of-duty. ACM Trans. Inf. Syst. Secur. 10(2), 5 (2007)

  30. Liu, Y., Müller, S., Xu, K.: A static compliance-checking framework for business process models. IBM Syst. J. 46(2), 335–361 (2007)

  31. Mason, M.: Sample size and saturation in PhD studies using qualitative interviews. Forum Qual. Soc. Res. 11(3), 190–197 (2010)

  32. McCumber, J.: Information systems security: a comprehensive model. In: Proceedings of the NCSC (1991)

  33. Menzel, M., Thomas, I., Meinel, C.: Security requirements specification in service-oriented business process management. In: Proceedings of the ARES, pp. 41–48 (2009)

  34. Monakova, G., Brucker, A.D., Schaad, A.: Security and safety of assets in business processes. Appl. Comput. 27, 1667–1673 (2012)

  35. Moody, D.: The physics of notations: toward a scientific basis for constructing visual notations in software engineering. IEEE Trans. Softw. Eng. 35, 756–779 (2009)

  36. OASIS: Web Services Business Process Execution Language. http://docs.oasis-open.org/wsbpel/2.0/wsbpel-v2.0.html (2007)

  37. OASIS: eXtensible Access Control Markup Language (XACML) Version 3.0. http://docs.oasis-open.org/xacml/3.0/xacml-3.0-core-spec-os-en.html (2013)

  38. OMG: BPMN 2.0. http://www.omg.org/spec/BPMN/2.0 (2011)

  39. OMG: Unified Modeling Language (UML), Infrastructure, V2.1.2. Technical report (2007). http://www.omg.org/spec/UML/2.1.2/Infrastructure/PDF

  40. Parker, D.: Our excessively simplistic information security model and how to fix it. ISSA J. 8(7), 12–21 (2010)

  41. Parker, D.B.: Fighting Computer Crime—A New Framework for Protecting Information. Wiley, New York (1998)

  42. Peffers, K., Tuunanen, T., Rothenberger, M., Chatterjee, S.: A design science research methodology for information systems research. J. Manag. Inf. Syst. 24(3), 45–77 (2007)

  43. Rasmussen, J.L., Singh, M.: Designing a security system by means of coloured Petri nets. In: Proceedings of the ICATPN, pp. 400–419 (1996)

  44. Rodríguez, A., Fernández-Medina, E., Piattini, M.: A BPMN extension for the modeling of security requirements in business processes. IEICE Trans. Inf. Syst. 90(4), 745–752 (2007)

  45. Sadiq, S., Governatori, G., Namiri, K.: Modeling control objectives for business process compliance. In: Proceedings of the BPM, pp. 149–164 (2007)

  46. Saleem, M., Jaafar, J., Hassan, M.: A domain-specific language for modelling security objectives in a business process models of SOA applications. Adv. Inf. Sci. Serv. Sci. 4(1), 353–362 (2012)

  47. Salnitri, M., Dalpiaz, F., Giorgini, P.: Aligning service-oriented architectures with security requirements. In: Proc. of OTM, pp. 232–249 (2012)

  48. Salnitri, M., Dalpiaz, F., Giorgini, P.: Modeling and verifying security policies in business processes. In: Proceedings of the BPMDS, pp. 200–214 (2014)

  49. Salnitri, M., Giorgini, P.: Modeling and verification of ATM security policies with SecBPMN. In: Proceedings of the SHPCS (2014)

  50. Samarati, P., Vimercati, S.: Access control: policies, models, and mechanisms. In: FOSAD, vol. 2171, pp. 137–196 (2001)

  51. Schmidt, R., Bartsch, C., Oberhauser, R.: Ontology-based representation of compliance requirements for service processes. In: Proceedings of the CEUR (2007)

  52. SecBPMN Website: SecBPMN Website, last visited Sept 2014. http://www.secbpmn.disi.unitn.it (2014)

  53. Simon, R., Zurko, M.: Separation of duty in role-based environments. In: Proceedings of the CSFW, pp. 183–194 (1997)

  54. Sommerville, I., Cliff, D., Calinescu, R., Keen, J., Kelly, T., Kwiatkowska, M., Mcdermid, J., Paige, R.: Large-scale complex IT systems. Commun. ACM 55(7), 71–77 (2012)

  55. Störrle, H.: VMQL: a visual language for ad-hoc model querying. J. Vis. Lang. Comput. 22, 3–29 (2011)

  56. The Apache Software Foundation: Apache Rampart website, last visited Aug 2014. http://axis.apache.org/axis2/java/rampart/ (2014)

  57. van der Aalst, W.M.P.: Formalization and verification of event-driven process chains. Inf. Softw. Technol. 41(10), 639–650 (1999)

  58. Wohlin, C., Runeson, P., Höst, M., Ohlsson, M.C., Regnell, B., Wesslèn, A.: Experimentation in Software Engineering: An Introduction. Kluwer Academic, Boston, MA (2000)

  59. Wolter, C., Menzel, M., Schaad, A., Miseldine, P., Meinel, C.: Model-driven business process security requirement specification. J. Syst. Archit. 55(4), 211–223 (2009)

  60. Wolter, C., Schaad, A.: Modeling of task-based authorization constraints in BPMN. In: Alonso, G., Dadam, P., Rosemann, M. (eds.) Business Process Management. Lecture Notes in Computer Science, vol. 4714, pp. 64–79. Springer, Berlin (2007)

Acknowledgments

This research was partially supported by the ERC advanced Grant 267856, ‘Lucretius: Foundations for Software Evolution’, www.lucretius.eu and by European Union’s Horizon 2020 research and innovation program under Grant Agreement No. 653642-VisiON.

Author information

Corresponding author

Correspondence to Mattia Salnitri.

Additional information

Communicated by Dr. Selmin Nurcan.

Cite this article

Salnitri, M., Dalpiaz, F. & Giorgini, P. Designing secure business processes with SecBPMN. Softw Syst Model 16, 737–757 (2017). https://doi.org/10.1007/s10270-015-0499-4

  • DOI: https://doi.org/10.1007/s10270-015-0499-4
