Model-based Situational Security Analysis

Eichler, J. and Rieke, R.— 2011

Security analysis is growing in complexity with the increase in functionality, connectivity, and dynamics of current electronic business processes. To tackle this complexity, the application of models in pre-operational phases is becoming standard practice. Runtime models are also increasingly applied to analyze and validate the actual security status of business process instances. In this paper we present an approach to support not only model-based evaluation of the current security status of business process instances, but also to allow for decision support by analyzing close-future process states. Our approach is based on operational formal models derived from development-time process and security models. This paper exemplifies our approach utilizing real world processes from the logistics domain and demonstrates the systematic development and application of runtime models for situational security analysis.

TitelModel-based Situational Security Analysis
VerfasserEichler, J. and Rieke, R.
Themasecurity requirements elicitation, predictive security analysis, analysis of business process behavior, security modeling and simulation, security monitoring
Erschienen inWorkshop on Models@run.time (MRT 2011)