A semi-automated BPMN-based framework for detecting conflicts between security, data-minimization, and fairness requirements

Requirements are inherently prone to conflicts. Security, data-minimization, and fairness requirements are no exception. Importantly, undetected conflicts between such requirements can lead to severe effects, including privacy infringement and legal sanctions. Detecting conflicts between security, data-minimization, and fairness requirements is a challenging task, as such conflicts are context-specific and their detection requires a thorough understanding of the underlying business processes. For example, a process may require anonymous execution of a task that writes data into a secure data storage, where the identity of the writer is needed for the purpose of accountability. Moreover, conflicts arise not only from trade-offs between requirements elicited from the stakeholders, but also from misinterpretation of elicited requirements while implementing them in business processes, leading to a non-alignment between the data subjects' requirements and their specifications. Both types of conflicts are substantial challenges for conflict detection. To address these challenges, we propose a BPMN-based framework that supports: (i) the design of business processes considering security, data-minimization and fairness requirements, (ii) the encoding of such requirements as reusable, domain-specific patterns, (iii) the checking of alignment between the encoded requirements and annotated BPMN models based on these patterns, and (iv) the detection of conflicts between the specified requirements in the BPMN models based on a catalog of domain-independent anti-patterns. The security requirements were reused from SecBPMN2, a security-oriented BPMN 2.0 extension, while the fairness and data-minimization parts are new. For formulating our patterns and anti-patterns, we extended a graphical query language called SecBPMN2-Q. We report on the feasibility and the usability of our approach based on a case study featuring a healthcare management system, and an experimental user study.
© 2020, The Author(s)

From Secure Business Process Models to Secure Artifact-Centric Specifications

Making today's systems secure is an extremely difficult and challenging problem. Social and technical issues interplay and contribute to creating vulnerabilities that cannot be easily prevented without a comprehensive engineering method. This paper presents a novel approach to support process-aware secure systems modeling and automated generation of secure artifact-centric implementations. It combines social and technical perspectives in developing secure complex systems. This work is the result of an academic and industrial collaboration, where SecBPMN2, a research prototype, has been integrated with SAP River, an industrial artifact-centric language.

D7.5 FIRST consolidated project results

The FIRST project commenced in January 2017 and concluded in December 2022, including a 24-month suspension period due to the COVID-19 pandemic. Throughout the project, we successfully delivered seven technical reports, conducted three workshops on Key Enabling Technologies for Digital Factories in conjunction with CAiSE (in 2019, 2020, and 2022), produced a number of PhD theses, and published over 56 papers (plus a number of submitted journal papers). The purpose of this deliverable is to provide an updated account of the findings from our previous deliverables and publications. It involves compiling the original deliverables with necessary revisions to accurately reflect the final scientific outcomes of the project.

Collection and Elicitation of Business Process Compliance Patterns with Focus on Data Aspects

Business process compliance is one of the prevalent challenges for companies. Despite an abundance of research proposals, companies still struggle with manual compliance checks and the understanding of compliance violations in the light of missing root-cause explanations. Moreover, approaches have merely focused on the control flow perspective in compliance checking, neglecting other aspects such as the data perspective. This paper aims at analyzing the gap between existing academic work and compliance demands from practice with a focus on the data aspects. The latter emerges from a small set of regulatory documents from different domains. Patterns are assumed as the right level of abstraction for compliance specification due to their independence of (technical) implementation in (process-aware) information systems, potential for reuse, and understandability. A systematic literature review collects and assesses existing compliance patterns. A first analysis of ten regulatory documents from different domains specifically reveals data-oriented compliance constraints that are not yet reflected by existing compliance patterns. Accordingly, data-related compliance patterns are specified.

Secure*BPMN - a graphical extension for BPMN 2.0 based on a reference model of information assurance & security

The main contribution of this thesis is Secure*BPMN, a graphical security modelling extension for the de facto industry standard business process modelling language BPMN 2.0.1. Secure*BPMN enables a cognitively effective representation of security concerns in business process models. It facilitates the engagement of experts with different backgrounds, including non-security and non-technical experts, in the discussion of security concerns and in security decision-making. The strength and novelty of Secure*BPMN lie in its comprehensive semantics based on a Reference Model of Information Assurance & Security (RMIAS) and in its cognitively effective syntax. The RMIAS, which was developed in this project, is a synthesis of the existing knowledge of the Information Assurance & Security domain. The RMIAS helps to build an agreed-upon understanding of Information Assurance & Security, which experts with different backgrounds require before they may proceed with the discussion of security issues. The development process of the RMIAS, which was made explicit, and the multiphase evaluation carried out confirmed the completeness and accuracy of the RMIAS, and its suitability as a foundation for the semantics of Secure*BPMN. The RMIAS, which has multiple implications for research, education and practice, is a secondary contribution of this thesis, and is a contribution to the Information Assurance & Security domain in its own right. The syntax of Secure*BPMN complies with the BPMN extensibility rules and with the scientific principles of cognitively effective notation design. The analytical and empirical evaluations corroborated the ontological completeness, cognitive effectiveness, ease of use and usefulness of Secure*BPMN. It was verified that Secure*BPMN has the potential to be adopted in practice.

Obstructions in Security-Aware Business Processes

This Open Access book explores the dilemma-like stalemate between security and regulatory compliance in business processes on the one hand and business continuity and governance on the other. The growing number of regulations, e.g., on information security, data protection, or privacy, implemented in increasingly digitized businesses can have an obstructive effect on the automated execution of business processes. Such security-related obstructions can particularly occur when an access control-based implementation of regulations blocks the execution of business processes. By handling obstructions, security in business processes is supposed to be improved. For this, the book presents a framework that allows the comprehensive analysis, detection, and handling of obstructions in a security-sensitive way. Thereby, methods based on common organizational security policies, process models, and logs are proposed. The Petri net-based modeling and related semantic and language-based research, as well as the analysis of event data and machine learning methods, finally lead to the development of algorithms and experiments that can detect and resolve obstructions and are reproducible with the provided software.