Sie sind hier: Startseite Forschung Publikationen


« zurück zur Übersicht

Titel: On the Exploitation of Process Mining for Security Audits: The Conformance Checking Case
Publikationstyp: Konferenzbeiträge
Autoren: Accorsi R, Stocker T
Erscheinungsjahr: 2012
Herausgeber: ACM
Journal: Proceedings of the 27th Annual ACM Symposium on Applied Computing
Tagung: ACM Symposium on Applied Computing, SAC 2012, Riva, Trento, Italy
Seiten: 1709 - 1716
Kurzfassung: Process mining stands for a set of techniques to analyze business process models and logs. However, the extent to which it can be used for security auditing has not been investigated. Focusing on conformance checking and its support in ProM, this paper reports on a case-study in the financial sector applying this technology for the auditing of relevant security requirements. Although the vast majority of requirements could be verified, we notice a large manual effort to carry out the analysis. Moreover, we identify a class of security requirements that demands process discovery for analysis, and elaborate on ways in which process mining could be extended to better suit security analyses.
URL/DOI: http://doi.acm.org/10.1145/2245276.2232051
PDF: http://files.telematik.un[...]ublications/sac12.pdf
Benutzerspezifische Werkzeuge