Security requirement analysis of business processes

Electronic Commerce Research

Abstract

Economic globalization leads to complex decentralized company structures calling for the extensive use of distributed IT systems. The business processes of a company have to reflect these changes of infrastructure. In particular, due to new electronic applications and the inclusion of a higher number of potentially unknown persons, the business processes are more vulnerable to malicious attacks than traditional processes. Thus, a business should undergo a security analysis. Here, the vulnerabilities of the business process are recognized, the risks resulting from the vulnerabilities are calculated, and suitable safeguards reducing the vulnerabilities are selected. Unfortunately, a security analysis tends to be complex and requires expensive security expert support. In order to reduce the expense and to enable domain experts with in-depth insight into business processes but with limited knowledge about security to develop secure business processes, we developed the framework MoSSBP, which facilitates the handling of business process security requirements from their specification to their realization. In particular, MoSSBP provides graphical concepts to specify security requirements, repositories of various mechanisms enforcing the security requirements, and a collection of reference models and case studies enabling the modification of the business processes. In this paper, the MoSSBP framework is presented. Additionally, we introduce a tool supporting the MoSSBP-related security analysis of business processes and the incorporation of safeguards. This tool is based on object-oriented process models and operates with graph rewrite systems. Finally, we clarify the application of the MoSSBP framework by means of a business process for tender handling which is provided with anonymity-preserving safeguards.

Author information

Correspondence to Peter Herrmann.

Additional information

Peter Herrmann studied computer science at the University of Karlsruhe, Germany (diploma in 1990). Afterwards, he worked as a Ph.D. student (doctorate in 1997) and postdoctoral researcher in the Computer Networks and Distributed Systems Group of the Computer Science Department at the University of Dortmund, Germany. Since 2005 he has been a full professor for formal methods at the Department for Telematics of the Norwegian University of Science and Technology (NTNU) in Trondheim, Norway. His research interests include the formal-based development of networked systems and the engineering of distributed services. Moreover, he is interested in security and trust aspects of component-structured distributed software.

Gaby Herrmann studied computer science at the University of Karlsruhe, Germany (diploma in 1991). Afterwards, she worked as a researcher in the Communication Group and the Information Systems Group at the University of Duisburg-Essen (doctorate in 2001, topic: security of business processes). Since 2000 she has worked as executive secretary at the Department of Economics, Business Studies and Computer Sciences at the same university.

About this article

Cite this article

Herrmann, P., Herrmann, G. Security requirement analysis of business processes. Electron Commerce Res 6, 305–335 (2006). https://doi.org/10.1007/s10660-006-8677-7

  • DOI: https://doi.org/10.1007/s10660-006-8677-7
