This blog is concerned with Information Security and Business process management, and the integration of Security with BPM.
Tuesday, 27 April 2010
Research Methodology: Design Science
Design Science consists of 7 guidelines:
1- Addresses design as an artifact: must produce a viable artifact in the form of a construct, a model, a method, or an instantiation.
2- Describes problem relevance: where the objective of the research is to develop technology-based solutions to important and relevant business problems.
3- Describes the importance of using strict evaluation methods for the design: The utility, quality, and efficacy of a design artifact must be rigorously demonstrated via well-executed evaluation methods.
4- Addresses the importance of the work being considered as a contribution to the academic world: IS research effort should be considered a contribution to the field.
5- Focuses on research strictness: research relies upon the application of strict methods in both the construction and evaluation of the design artifact.
6- Design as a search process: the search for an effective artifact requires utilizing available means to reach desired ends while satisfying laws in the problem environment.
7- Addresses the importance of the work being published: in both the academic community and the practitioner's community.
-----------------------------------------
Source:
DESIGN SCIENCE IN INFORMATION SYSTEMS RESEARCH.
Alan R. Hevner, Sudha Ram, Salvatore T. March, Jinsoo Park.
2004.
Monday, 26 April 2010
Confidentiality & BPM
Thursday, 22 April 2010
Formal representation of security requirements in the workflow domain
This paper gives a nice representation of security requirements as mathematical formulas.
They managed to represent time, role, user, task, constraints, and delay. They had it all in what they called "mixed-integer programming".
For example, suppose we have a task that must only be processed during a specific time, and we have a security "time constraint" saying that the task should only be performed during a specific time for a certain role: (t1, [dmin, dmax], enable τ), where
t1: is the object.
dmin: starting time.
dmax: end time.
τ: is the task.
The security constraint can be represented as: ts_τ = t1, tf_τ - ts_τ ≥ dmin·i_τ, and tf_τ - ts_τ ≤ dmax·i_τ.
This might seem a little difficult to understand, but believe me, this security constraint was the easiest one to represent.
Let's take it one by one to explain the previous formula; it is easy, as you will see.
The formula says: the performer of the task "τ" will be the object "t1" if and only if "task finish time - task start time is larger than the starting time for this task" and "task finish time - task start time is less than the ending time for this task".
The paper includes other interesting security requirements represented as formal mathematical equations.
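To see the constraint in action, here is an added example (my own code, not from the paper or from the summary above) that evaluates the three terms ts_τ = t1, tf_τ - ts_τ ≥ dmin·i_τ and tf_τ - ts_τ ≤ dmax·i_τ over constructed task timings. The example reads ts_τ = t1 as "the task starts at time t1" and treats i_τ as a 0/1 indicator that is 1 when the task is enabled; both are assumptions of the example, not statements from the paper. The last two sample rows show what happens when i_τ = 0: both inequalities collapse to tf_τ - ts_τ = 0, so a disabled task that nevertheless ran is reported.

```python
"""Added example, not code from the paper or from this blog: a checker for the
time constraint (t1, [dmin, dmax], enable tau) written as

    ts_tau = t1,  tf_tau - ts_tau >= dmin * i_tau,  tf_tau - ts_tau <= dmax * i_tau

Assumptions of this example: ts_tau = t1 means "the task starts at t1", and
i_tau is a 0/1 indicator that is 1 when the task is enabled."""
from dataclasses import dataclass


@dataclass(frozen=True)
class TimeConstraint:
    """The tuple (t1, [dmin, dmax], enable tau) for one task."""
    t1: int     # time at which the task must start (ts_tau = t1)
    dmin: int   # lower bound, multiplied by the indicator i_tau
    dmax: int   # upper bound, multiplied by the indicator i_tau


@dataclass(frozen=True)
class TaskTiming:
    """Observed timing of one task instance (constructed sample data below)."""
    name: str
    ts: int          # start time ts_tau
    tf: int          # finish time tf_tau
    enabled: bool    # i_tau = 1 when True, 0 when False


def violations(c: TimeConstraint, t: TaskTiming) -> list[str]:
    """Return the constraint terms that fail; an empty list means satisfied."""
    i = 1 if t.enabled else 0
    duration = t.tf - t.ts
    failed = []
    if t.ts != c.t1:
        failed.append(f"ts={t.ts} != t1={c.t1}")
    if duration < c.dmin * i:
        failed.append(f"tf-ts={duration} < dmin*i={c.dmin * i}")
    if duration > c.dmax * i:
        failed.append(f"tf-ts={duration} > dmax*i={c.dmax * i}")
    return failed


def check_all(c: TimeConstraint, timings: list[TaskTiming]) -> dict[str, list[str]]:
    """Evaluate one constraint over several task timings, keyed by task name."""
    return {t.name: violations(c, t) for t in timings}


# Constructed sample: the task must start at 40 and, when enabled, run for
# between 5 and 10 time units. The last two rows exercise the i_tau = 0 case.
CONSTRAINT = TimeConstraint(t1=40, dmin=5, dmax=10)
SAMPLE = [
    TaskTiming("ok", ts=40, tf=47, enabled=True),
    TaskTiming("too_long", ts=40, tf=55, enabled=True),
    TaskTiming("late_start", ts=42, tf=47, enabled=True),
    TaskTiming("disabled_ok", ts=40, tf=40, enabled=False),
    TaskTiming("disabled_ran", ts=40, tf=47, enabled=False),
]

if __name__ == "__main__":
    for name, failed in check_all(CONSTRAINT, SAMPLE).items():
        print(name, "satisfied" if not failed else failed)
```

Running it reports "ok" and "disabled_ok" as satisfied, "too_long" as exceeding dmax·i_τ, "late_start" as violating ts_τ = t1, and "disabled_ran" as exceeding the upper bound dmax·0 = 0.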
Privacy-aware Workflow management .. what a nice paper.
A summary of this paper is posted in the blog (under the "Work done" section). In general I like the idea they proposed for solving the privacy problem, and I believe the same idea can be used to address other security requirements such as integrity.
The idea was based on 4 main points: adding the subject, auxiliary data, work allocation, and data patterns.
It is clear (without going into details) that every subject has its own settings and authorization requirements, so before processing any subject through the workflow, the system makes sure that the privacy requirements are satisfied.
I personally believe the same idea can be used to satisfy other security requirements such as "integrity"; for example, we can add a field to the records to show the owner of the subject, and another field showing the last modification and by whom it was made.
So even if a person is allowed to see the subject's information (satisfying the privacy requirement), he might not be allowed to modify it.
This idea will be explored more in the future.
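To make the idea concrete, here is an added example (my own code, not from the privacy-aware workflow paper or its authors). Each subject record carries its own privacy requirement (who may view) and integrity requirement (who may modify), the workflow engine checks the relevant one before a task touches the record, and a modification updates the owner / last-modified-by / last-modified-at fields described above. The patient record, the agents and the permission sets are constructed for the example.

```python
"""Added example, not code from the privacy-aware workflow paper or from this
blog: every subject record carries its own privacy and integrity requirements,
which the workflow checks before a task touches the record, together with the
owner / last-modification fields proposed above. The subject, agents and
permission sets are constructed for the example."""
from dataclasses import dataclass, field
from typing import Optional


@dataclass
class SubjectRecord:
    subject_id: str
    owner: str                     # who the subject belongs to (integrity field)
    data: dict
    viewers: frozenset             # privacy requirement: agents allowed to see the data
    modifiers: frozenset           # integrity requirement: agents allowed to change it
    last_modified_by: Optional[str] = None
    last_modified_at: Optional[int] = None
    audit: list = field(default_factory=list)   # (time, agent, action, decision)


class WorkflowEngine:
    """Checks the subject's own requirements before executing a task on it."""

    def run_task(self, record, agent, action, clock, changes=None):
        if action == "view":
            allowed = agent in record.viewers
        elif action == "modify":
            # Permission to view does not imply permission to modify.
            allowed = agent in record.modifiers
        else:
            raise ValueError(f"unknown action {action!r}")
        record.audit.append((clock, agent, action, "granted" if allowed else "denied"))
        if not allowed:
            return False
        if action == "modify":
            record.data.update(changes or {})
            record.last_modified_by = agent     # who changed it ...
            record.last_modified_at = clock     # ... and when
        return True


def integrity_ok(record):
    """The modification trail must only name agents the subject allows to modify."""
    return record.last_modified_by is None or record.last_modified_by in record.modifiers


def demo():
    """Constructed patient record: bob may only view, carol may view and modify."""
    patient = SubjectRecord("patient-001", owner="alice", data={"diagnosis": "pending"},
                            viewers=frozenset({"bob", "carol"}),
                            modifiers=frozenset({"carol"}))
    engine = WorkflowEngine()
    results = {
        "bob_view": engine.run_task(patient, "bob", "view", clock=10),
        "bob_modify": engine.run_task(patient, "bob", "modify", clock=11,
                                      changes={"diagnosis": "flu"}),
        "carol_modify": engine.run_task(patient, "carol", "modify", clock=12,
                                        changes={"diagnosis": "flu"}),
        "dave_view": engine.run_task(patient, "dave", "view", clock=13),
    }
    return patient, results


if __name__ == "__main__":
    rec, res = demo()
    print(res, rec.last_modified_by, rec.last_modified_at, integrity_ok(rec))
```

Bob's view is granted but his modify is denied, so the data is only changed by carol, and the last-modified fields then name her; the audit list keeps every decision, which is the record a later reviewer would check.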
PhD comics
This is one I liked:
You can read more comics on their website, www.phdcomics.com.
Tuesday, 20 April 2010
Friday, 16 April 2010
Papers fully read and categorized ..
This is a list of papers that I have finished reading, categorizing, and summarizing.
------------------------------------
Paper title: A BPMN Extension for the Modeling of Security Requirements in Business Processes.
Author(s): Alfonso RODRÍGUEZ, Eduardo FERNÁNDEZ-MEDINA, and Mario PIATTINI.
Category: integrating Security Requirements into BPM (Modeling Notation extension).
Date finished reading: 26-4-2010
Paper title: Model-driven business process security requirement specification.
Author(s): Christian Wolter, Michael Menzel, Andreas Schaad, Philip Miseldine, Christoph Meinel.
Category: integrating Security Requirements into BPM (modeling to execution).
Date finished reading: 24-4-2010
Paper title: A Technique for Optimal Adaptation of Time-Dependent Workflows with Security Constraints
Author(s): Basit Shafiq, Arjmand Samuel, Elisa Bertino, and Arif Ghafoor
Category: integrating Security Requirements into BPM (Formal)
Date finished reading: 18-4-2010
Paper title: Secure Business Process Management: A Roadmap.
Author(s): Thomas Neubauer, Markus Klemen, Stefan Biffl
Category: Overview
Date finished reading: 15-4-2010
Paper title: Security for Workflow Systems.
Author(s): Vijay Atluri, Rutgers University
Category: Overview
Date finished reading: 11-4-2010
Paper title: BPM & Security.
Author(s): BPMInstitute.org
Category: Overview
Date finished reading: 9-4-2010
Paper title: Privacy-Aware Workflow Management.
Author(s): Bandar Alhaqbani, Michael Adams, Colin Fidge, and Arthur H.M. ter Hofstede
Category: integrating Security requirements in BPM (Privacy).
Date finished reading: 5-4-2010
Security should be considered from the beginning ..
Security investment decisions cannot be regarded independently from the corporate business, its strategic alignment, business processes and people; their consideration has to start at a strategic level.
So organizations today should consider parallel development of business processes and security safeguards over the whole life cycle of a process.
So the proposed idea in terms of BPM is that security measures are modeled in the same diagrams as the business processes, extending the advantages of business process models to the field of security. Modeling security measures improves documentation and therefore transparency. A higher level of transparency also influences security awareness, because employees are in direct contact with the corporate security policy when executing their business processes.
The interdependency between business processes and security measures must be considered, especially if security measures influence the performance of the business processes. But business processes are generally fixed, and security measures are defined according to the given business processes.
Business process diagrams must be extended with the specifications that are needed for automated execution. Additionally, the specified security requirements must be integrated into the workflows, e.g. role-based access control, authentication or separation of duties, but also classical security aspects such as securing the network against viruses. Unfortunately, existing approaches neglect the integration of security objectives into BPM.
So business processes and security issues should be developed in parallel, and therefore synergy effects can be realized compared to an independent view of security and business processes.
----------------
Source:
Secure Business Process Management: A Roadmap.
Thomas Neubauer, Markus Klemen, Stefan Biffl. 2006
Thursday, 15 April 2010
Interesting points from the Roadmap paper ..
First they had an interesting definition, where they defined the term "Secure Business Process Management" (SBPM) as follows: the management of the whole business process life cycle in conformity with security and dependability objectives: Confidentiality, Integrity, Availability, Reliability, Safety and Maintainability.
The other interesting idea was their explanation that in today's companies security is too important to be reduced to a technical issue. So always remember: "Security is a process and not a product".
So the benefit of security can be defined as the creation of value by granting the operational execution of the corporate strategy through the use of business processes.
Another interesting idea was the difference between Secure BPM and Security Reference Processes.
• Secure Business Processes are security-enhanced business processes. Security measures and business processes are modeled in an integrated view. These models are the basis for the execution of the business processes, e.g. with workflow systems.
• Security Reference Processes are based on established security frameworks such as Cobit or ISO 17799. These processes describe how to reach and keep a defined security level according to the security framework used. Security Reference Processes serve as a basis for valuating the costs of implementing security measures.
Finally, the importance of keeping an eye on and monitoring your security: as they say, newspapers are full of articles about companies being surprised by business losses due to security breaches, yet security problems mostly do not appear without any signs.
---------------
Resource:
Secure Business Process Management: A Roadmap.
Thomas Neubauer, Markus Klemen, Stefan Biffl. 2006
Tuesday, 13 April 2010
Sunday, 11 April 2010
BPM Authorization Model
An authorization template (AT) is comprised of the static parameters of the authorization that can be defined during the design of the workflow. ATs are attached to tasks. A task may have more than one authorization template attached to it.
Example:
Consider for example a travel reimbursement processing workflow. This workflow consists of three tasks: preparing a claim (T1), approving the claim (T2), issuing a check (T3).
Consider once again the workflow in example 1. For the sake of simplicity, we have omitted T4. Suppose the associated subjects for performing these processes are John, Mary, and Ken, respectively. Now, instead of granting all the required privileges to every involved staff member in advance, the potential authorizations are specified by means of the authorization templates. Appropriate authorizations to perform these tasks are not enforced until the tasks are actually processed.
AT(T1) = (employee, (claim, --), prepare)
AT(T2) = (Supervisor, (claim, --), approve)
AT(T3) = (clerk, (check, --), issue)
John receives the authorization to prepare the claim. Assume he starts this at time 40. At this point, John is granted the authorization to prepare the claim. Suppose he finishes it and sends it to his supervisor at time 47.
The authorization template then generates the authorization (John, claim1, prepare, [40,47]), which means the authorization is revoked as soon as he finishes his task. When the claim (the instance is claim1) arrives at Mary at 47, an authorization to approve is given to Mary. However, John no longer holds the authorization on this instance of the claim. When Mary finishes the approval task, say at 82, her authorization is revoked, thus generating (Mary, claim1, approve, (47,82)). In this fashion, WAM synchronizes the authorization flow with the progression of the workflow.
Resource:
Security for Workflow Systems, Vijay Atluri, Rutgers University, 2002.
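Here is an added example (my own code, not from Atluri's paper or from this blog) that simulates the authorization-template mechanism above. Each task carries an AT of the form (role, (object type, --), privilege); starting a task instance turns the template into a concrete authorization for that subject and object instance, and finishing the task revokes it and records the [start, finish] interval, so the authorization flow follows the progression of the workflow. The times 40, 47 and 82 and the subjects John, Mary and Ken are taken from the post; the role table, the check instance and Ken's finishing time are constructed for the example.

```python
"""Added example, not code from Atluri's paper or from this blog: a small
simulation of authorization templates (ATs) attached to workflow tasks.
Starting a task instance grants the AT's privilege; finishing it revokes the
grant and records the interval. Times 40, 47, 82 and the subjects come from
the post; the role table, "check1" and the time 90 are constructed."""
from dataclasses import dataclass, replace
from typing import Optional


@dataclass(frozen=True)
class AuthorizationTemplate:
    """AT(task) = (role, (object type, --), privilege)."""
    role: str
    object_type: str
    privilege: str


@dataclass(frozen=True)
class Authorization:
    """(subject, object instance, privilege, [start, finish])."""
    subject: str
    instance: str
    privilege: str
    start: int
    finish: Optional[int] = None   # None while the task is still being processed


TEMPLATES = {
    "T1": AuthorizationTemplate("employee", "claim", "prepare"),
    "T2": AuthorizationTemplate("supervisor", "claim", "approve"),
    "T3": AuthorizationTemplate("clerk", "check", "issue"),
}
ROLES = {"John": "employee", "Mary": "supervisor", "Ken": "clerk"}   # constructed


class WorkflowAuthorizationManager:
    def __init__(self, templates, roles):
        self.templates = templates
        self.roles = roles
        self.active = {}     # (task, instance) -> Authorization currently held
        self.history = []    # revoked authorizations with their [start, finish]

    def start_task(self, task, subject, object_type, instance, time):
        """Grant the AT's privilege only now, when the task is actually processed."""
        at = self.templates[task]
        if self.roles.get(subject) != at.role or object_type != at.object_type:
            raise PermissionError(f"{subject} may not perform {task} on {instance}")
        auth = Authorization(subject, instance, at.privilege, time)
        self.active[(task, instance)] = auth
        return auth

    def finish_task(self, task, instance, time):
        """Revoke the authorization as soon as the task is finished."""
        done = replace(self.active.pop((task, instance)), finish=time)
        self.history.append(done)
        return done

    def holds(self, subject, instance, privilege):
        """Does the subject currently hold this privilege on this instance?"""
        return any(a.subject == subject and a.instance == instance
                   and a.privilege == privilege for a in self.active.values())


def can_start(wam, task, subject, object_type, instance, time):
    """True if the AT admits this subject and object; False on a template mismatch."""
    try:
        wam.start_task(task, subject, object_type, instance, time)
        return True
    except PermissionError:
        return False


def run_travel_reimbursement():
    """Replay the claim1 scenario and report the two checks made at time 47."""
    wam = WorkflowAuthorizationManager(TEMPLATES, ROLES)
    wam.start_task("T1", "John", "claim", "claim1", 40)
    wam.finish_task("T1", "claim1", 47)
    wam.start_task("T2", "Mary", "claim", "claim1", 47)
    john_after = wam.holds("John", "claim1", "prepare")    # revoked at 47
    mary_during = wam.holds("Mary", "claim1", "approve")   # granted at 47
    wam.finish_task("T2", "claim1", 82)
    wam.start_task("T3", "Ken", "check", "check1", 82)     # constructed instance
    wam.finish_task("T3", "check1", 90)                    # constructed time
    return wam, john_after, mary_during


if __name__ == "__main__":
    wam, john_after, mary_during = run_travel_reimbursement()
    print("John still holds prepare:", john_after, "| Mary holds approve:", mary_during)
    for a in wam.history:
        print((a.subject, a.instance, a.privilege, [a.start, a.finish]))
```

After the run, the history holds (John, claim1, prepare, [40, 47]) and (Mary, claim1, approve, [47, 82]) exactly as in the post, John no longer holds any authorization on claim1 once Mary has it, and a subject whose role does not match the task's AT is refused at start time rather than being granted privileges in advance.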
Friday, 9 April 2010
BPM is not software security
"While BPM is not software security, it does have the ability to define a workflow, involving only pertinent parties at each step. From this, rules and authorizations can be applied to the process ensuring that only authorized personnel are able to complete necessary tasks."
She also explained how BPM can be used to track and report who accessed the patient database, when it was accessed, whose records were opened, and which updates or changes were made.
Resource:
Security in BPM Suites Can Remedy Security Breaches in Paper based Medical Records.
Mary Katherine Strupe, 2009.
Thursday, 8 April 2010
Definitions for security requirements in BPM terminology
Vijay Atluri, in his paper "Security for Workflow Systems", thinks that the security requirements for workflows are:
Confidentiality:
This refers to unauthorized disclosure of information including the specification, and the workflow instances during its execution.
Integrity:
Refers to the unauthorized modification of information, again including the specification as well as the data manipulated during the execution of a workflow instance.
Availability:
Refers to making the data and resources available to the agents responsible for executing the tasks in a workflow.
Authentication:
Refers to reliably verifying the identity of the task execution agents.
Authorization:
Refers to enforcing access control to ensure confidentiality and integrity.
Audit:
Refers to recording information about who has performed which actions at what time within the workflow, which can later be analyzed to detect suspicious behavior and misuse of authority.
Anonymity:
Refers to keeping the agents anonymous from other agents executing the workflow. This may be needed especially when agents with conflict-of-interest execute different tasks within a workflow.
Separation of duties:
These are additional constraints associated with the workflow to reduce the risk of fraud.
Reference:
Security for Workflow Systems, Vijay Atluri, Rutgers University, 2002.
BPM & Security
As the figure above shows, 40% of the processes will include company confidential information.
This is another strong reason to include security requirements in BPM: if a process includes sensitive information and would be executed in a non-safe environment, information confidentiality, integrity and other security requirements need to be satisfied.
The BPMInstitute.org believes that the most important security aspects are:
- Protecting content from unauthorized access (Confidentiality).
- Assuring that the content came from the stated author (Authentication).
- Detecting unintentional or malicious altering of content (Integrity).
- Maintaining the document security throughout the execution of the process (Continuity).
The CSI/FBI Computer Crime and Security Survey shows that 33% of the 700 participating enterprises suffered from unauthorized access, and 3% from information theft. These 2 types of violations were ranked 2nd and 3rd, only behind viruses, and they accounted for a loss of $62.1 million out of the $130.1 million total cost of the 13 different violation types.
Resource:
BPM & Security, BPMInstitute.org. 2006.
Wednesday, 7 April 2010
That's why ...
Business Process Management (BPM) and security issues have grown separately and usually do not follow the same strategy, and it is found that security goals are not represented as part of business process models. Currently there is no process-modeling standard that has the ability to capture security goals. The main reason is that professionals and specialists in the business process domain are usually not experts in security, and neglect the integration of security. BPM experts and security experts must work together to establish a platform that can link business processes with security.
That is why there isn't much integration between security and BPM, and there isn't much representation of security requirements in the BPM field.
Resources:
(Herrmann and Pernul, 1998)
(Neubauer et al, 2006)
(Wolter et al, 2008)
(Schaad et al, 2008)
Is it important to have Security integrated with BPM?
Tuesday, 6 April 2010
The Beginning ..
As I am a PhD student doing my research in this area of the combined space between BPM and Security, and how to integrate Security in BPM.
Wish you all the best.