Info
Publications
Filtered by author : Accorsi R (clear filter )
filter list :
Journal Articles
Years:
2015 |
2013 |
2012 |
2011 |
2010 |
2009 |
2008 |
2007 |
2006 |
2005 |
2004 |
2003 |
2002 |
2001 |
2000 |
1999 |
1998 |
1997 |
1996 |
1995 |
1994
|
show all
back to the top of all publications
back to the year overview
back to the year overview
Accorsi R
A secure log architecture to support remote auditing
2013 Mathematical and Computer Modelling 57(7-8), pages : 1578 - 1591
Stocker T , Accorsi R , Rother T
Computergestützte Prozessauditierung mit Process Mining
2013 HMD - Praxis Wirtschaftsinform., volume : 292
Accorsi R , Matulevicius R
Second Workshop on Security in Business Processes - A workshop report
2013 Enterprise Modelling and Information Systems Architectures 8(2), pages : 105 - 107
Accorsi R
Security in Business Process Management
2013 it - Information Technology 55(6), pages : 215 - 216
Accorsi R , Damiani E , van der Aalst W
Unleashing Operational Process Mining (Dagstuhl Seminar 13481)
2013 Dagstuhl Reports, volume : 3, issue : 11, pages : 154 - 192
Accorsi R , Crampton J , Huth M , Rinderle-Ma S
Verifiably Secure Process-Aware Information Systems (Dagstuhl Seminar 13341)
2013 Dagstuhl Reports, volume : 3, issue : 8, pages : 73 - 86
Accorsi R , Matulevicius R
Workshop on Security in Business Processes - A workshop report
2013 Enterprise Modelling and Information Systems Architectures 8(1), pages : 75 - 79
back to the year overview
Accorsi R , Ullrich M , van der Aalst W
Process Mining
2012 Informatik Spektrum 35(5), pages : 354 - 359
back to the year overview
Accorsi R , Lowis L , Sato Y
Automated Certification for Compliant Cloud-based Business Processes
2011 Business & Information Systems Engineering, volume : 3, pages : 145 - 154
Accorsi R , Lowis L , Sato Y
Automatisierte Compliance-Zertifizierung Cloud-basierter Geschäftsprozesse
2011 Wirtschaftsinformatik, volume : 53, issue : 3, pages : 139 - 149
Lowis L , Accorsi R
Vulnerability Analysis in SOA-Based Business Processes
2011 IEEE Trans. Services Computing 4(3), pages : 230 - 242
back to the year overview
Accorsi R , Lowis L
ComCert: Automated Certification of Cloud-based Business Processes
2010 ERCIM News, volume : 83, page : 50
Müller G , Accorsi R , Höhn S , Sackmann S
Sichere Nutzungskontrolle für mehr Transparenz in Finanzmärkten
2010 Informatik Spektrum, volume : 33, issue : 1, pages : 3 - 13
Lowis L , Accorsi R
Vulnerability analysis in SOA-based business processes
2010 IEEE Transactions on Services Computing
back to the year overview
back to the year overview
Books
Years:
2010 |
2009 |
2008 |
2006 |
2005 |
2004 |
2003 |
2002 |
2001 |
1996
|
show all
back to the top of all publications
back to the year overview
Book chapters
Years:
2016 |
2015 |
2013 |
2012 |
2011 |
2010 |
2009 |
2008 |
2007 |
2006 |
2005 |
2004 |
2003 |
2002 |
2001 |
2000 |
1999 |
1998 |
1997 |
1996 |
1995 |
1994 |
1987
|
show all
back to the top of all publications
back to the year overview
Müller G , Koslowski T , Accorsi R
Resilience - A New Research Field in Business Information Systems?
In : Business Information Systems Workshops , pages : 3 - 21, W. Abramowicz (ed.) , Springer (New York), 2013
» show abstract
« hide abstract
Abstract
Being responsive in cases of unplanned disruptions has been difficult for management in the past, but for IT it is even more challenging: IT Systems are developed to fulfill predefined properties, and offer a hard-wired set of exception handling functionalities. Resilience encompasses reaction on disturbances beyond the scope of known properties. An organization is resilient if its capabilities can be adapted to new requirements which have not been explictly incorporated into the existing IT design. This paper introduces the concept of resilience and its implications in the fields of business information systems.
back to the year overview
Accorsi R
BBox: A Distributed Secure Log Architecture
In : Proceedings of the European Workshop on PKI , Springer (Athens, Greece), 2011
Accorsi R , Wonnemann C
Forensic Leak Detection for Business Processes Models
In : Proceedings of the IFIP Conference on Digital Forensics , Springer-Verlag (Berlin), 2011
Accorsi R , Wonnemann C
InDico: Information Flow Analysis of Business Processes for Confidentiality Requirements
In : Proceedings of the ERCIM Workshop on Security and Trust Management , Springer (Athens, Greece), 2011
back to the year overview
Höhn S , Jürjens J , Lowis L , Accorsi R
Identification of Vulnerabilities in Web Services using Model-Based Securit
In : Web Services Security Development and Architecture: Theoretical and Practical Issues , pages : 1 - 32, Gutiérrez, C. and E. Fernández-Medina and M. Piattini (ed.) , IGI Global, 2010
Accorsi R , Wonnemann C
Static Information Flow Analysis of Workflow Models
In : Business Process and Service Science , pages : 194 - 205, Gesellschaft für Informatik (Leipzig, Germany), 2010
back to the year overview
Accorsi R , Wonnemann C
Detective Information Flow Analysis for Business Processes (Extended Abstract)
In : Business Processes, Services Computing and Intelligent Service Management , pages : 223 - 224, Abramowicz, W., Macaszek L., Kowalczyk R., and Speck A. (ed.) , Bonner Köllen Verlag (Bonn et al.), 2009
back to the year overview
Accorsi R , Höhn S , Maier M
An Approach for Secure Usability for Ambient Intelligence
Environments.
In : Long-Term and Dynamical Aspects of Information Security: Emerging Trends in Information and Communication Security. , A. Schmidt, M. Kreutzer, R. Accorsi (ed.) , Nova-Publishers, 2007
Müller G , Accorsi R , Höhn S , Kähmer M , Strasser M
Sicherheit in Ubiquitous Computing: Schutz durch Gebote?
In : Die Informatisierung des Alltags - Leben in smarten Umgebungen , pages : 127 - 142, Friedeman Mattern (ed.) , Springer-Verlag, 2007
back to the year overview
Accorsi R , Adolf C
Delegating Secure Logging in Pervasive Computing Systems
In : International Conference on Security in Pervasive Computing. Vol 3934. Lecture Notes in Computer Science , pages : 58 - 72, John A. Clarke, Richard F. Paige, Fiona A. C. Polack and Phillip J. Brooke (ed.) , Springer-Verlag, 2006
Accorsi R
On the Relationship of Privacy and Secure Remote Logging in Dynamic Systems
In : IFIP International Federation for Information Processing. Vol 201. Security and Privacy in Dynamic Environments , pages : 323 - 338, S. Fischer-Hübner, K. Rannenberg, L. Yngström, S. Lindskog (ed.) , Springer-Verlag, 2006
Conference papers
Years:
2017 |
2016 |
2015 |
2014 |
2013 |
2012 |
2011 |
2010 |
2009 |
2008 |
2007 |
2006 |
2005 |
2004 |
2003 |
2002 |
2001 |
2000 |
1999 |
1998 |
1997 |
1996 |
1995 |
1994 |
1992 |
1991 |
1986
|
show all
back to the top of all publications
back to the year overview
Accorsi R
A Posteriori Process Security Control
2015 ICISSP 2015 - Proceedings of the 1st International Conference on Information Systems Security and Privacy, ESEO, Angers, Loire Valley, France, 9-11 February, 2015. SciTePress 2015, ISBN 978-989-758-08
Ceravolo P , Russo B , Accorsi R
Data-Driven Process Discovery and Analysis - 4th International Symposium, SIMPDA 2014, Milan, Italy, November 19-21, 2014, Revised Selected Papers.
2015 Lecture Notes in Business Information Processing 237, Springer 2015, ISBN 978-3-319-27242-9
Ceravolo P , Accorsi R , Cudré-Mauroux P
Data-Driven Process Discovery and Analysis - Third IFIP WG 2.6, 2.12 International Symposium, SIMPDA 2013, Riva del Garda, Italy, August 30, 2013, Revised Selected Papers.
2015 Lecture Notes in Business Information Processing 203, Springer 2015, ISBN 978-3-662-46435-9
Brenig C , Accorsi R , Müller G
Economic Analysis of Cryptocurrency Backed Money Laundering
2015 23th European Conference on Information Systems, Münster, Germany forthcoming
Holderer J , Accorsi R , Müller G
When four-eyes become too much: a survey on the interplay of authorization constraints and workflow resilience
2015 Proceedings of the 30th Annual ACM Symposium on Applied Computing, Salamanca, Spain, April 13-17, 2015, pages : 1245 - 1248
back to the year overview
Zimmermann C , Accorsi R , Müller G
Privacy Dashboards: Reconciling Data-Driven Business Models and Privacy
2014 Proceedings of the 2014 Ninth International Conference on Availability, Reliability and Security (ARES) , pages : 152 - 157
» show abstract
« hide abstract
Abstract
We argue for the use of Privacy Dashboards as enablers for privacy-enabled data-driven business models. Specifically, while dashboards are succesful instruments in business intelligence tools, their use in privacy protection is far less well-understood. Addressing this problem at the technical level, this paper provides a classification scheme for Privacy Dashboards and elaborates on the current state of the art to draw a research agenda for designing Privacy Dashboards that cater to users' desire of control and businesses' need for data collection and usage.
Accorsi R , Ceravolo P , Russo B
Proceedings of the 4th International Symposium on Data-driven Process Discovery and Analysis (SIMPDA 2014), Milan, Italy, November 19-21, 2014
2014 CEUR-WS.orgCEUR Workshop Proceedings, volume : 1293
Stocker T , Accorsi R
SecSy: A Security-oriented Tool for Synthesizing Process Event Logs
2014 Proceedings of the BPM Demo Sessions 2014 Co-located with the 12th International Conference on Business Process Management (BPM 2014), Eindhoven, The Netherlands, September 10, 2014., volume : 1295
Accorsi R , Holderer J , Stocker T , Zahoransky R
Security Workflow Analysis Toolkit
2014 Sicherheit 2014: Sicherheit, Schutz und Zuverlässigkeit, Beiträge der 7. Jahrestagung des Fachbereichs Sicherheit der Gesellschaft für Informatik e.V. (GI), 19.-21. März 2014, Wien, Österreich, volume : 228, pages : 433 - 442
Zahoransky R , Koslowski T , Accorsi R , ,
Toward Resilience Assessment in Business Process Architectures
2014 Computer Safety, Reliability, and Security - SAFECOMP 2014 Workshops: ASCoMS, DECSoS, DEVVARTS, ISSE, ReSA4CI, SASSUR. Florence, Italy, September 8-9, 2014. Proceedings, volume : 8696, pages : 360 - 370
back to the year overview
Fenz S , Neubauer T , Accorsi R , Koslowski T
FORISK: Formalizing Information Security Risk and Compliance Management
2013 43rd annual IEEE/IFIP International Conference on Dependable Systems and Networks Workshop (DSN-W), Budapest, 24-27 June 2013
Accorsi R
On Process Rewriting for Business Process Security
2013 Proceedings of the 3rd International Symposium on Data-driven Process Discovery and Analysis, Riva del Garda, Italy, August 30, 2013, volume : 1027, pages : 111 - 126
Accorsi R , Stocker T , Mueller G
On the Exploitation of Process Mining for Security Audits: The Process Discovery Case
2013 Proceedings of the 28th Annual ACM Symposium on Applied Computing, pages : 1462 - 1468
» show abstract
« hide abstract
Abstract
This paper reports on the potential of process mining as a basis for security audits of business process and correspond- ing business process management systems. In particular, it focuses on process discovery as a means to reconstruct process-related structures from event logs, such as the pro- cess’ control flow, social network and data flows. Based on this information, security analysis to determine the compli- ance with security and privacy requirements can be auto- mated.
Accorsi R , Müller G
Preventive Inference Control in Data-centric Business Models
2013 2013 IEEE Symposium on Security and Privacy Workshops, San Francisco, CA, USA, May 23-24, 2013, pages : 28 - 33
Accorsi R , Ceravolo P , Cudré-Mauroux P
Proceedings of the 3rd International Symposium on Data-driven Process Discovery and Analysis, Riva del Garda, Italy, August 30, 2013
2013 CEUR-WS.orgCEUR Workshop Proceedings, volume : 1027
Accorsi R , Ceravolo P , Cudré-Mauroux P
Proceedings of the 3rd International Symposium on Data-driven Process Discovery and Analysis, Riva del Garda, Italy, August 30, 2013
2013 CEUR Workshop Proceedings 1027, CEUR-WS.org 2013
Accorsi R , Stocker T
SecSy: Synthesizing Smart Process Event Logs
2013 Enterprise Modelling and Information Systems Architectures: Proceedings of the 5th International Workshop on Enterprise Modelling and Information Systems Architectures, EMISA 2013, St. Gallen, Switzerland, September 5-6, 2013, volume : 222, pages : 71 - 84
Accorsi R , Ranise S
Security and Trust Management - 9th International Workshop, STM 2013, Egham, UK, September 12-13, 2013. Proceedings
2013 SpringerLecture Notes in Computer Science, volume : 8203
Zimmermann C , Accorsi R
Transparenz durch Privacy Dashboards: Ein Process Mining Ansatz
2013 Koblenz Lecture Notes in Informatics (LNI) - Proceedings Series of the Gesellschaft für Informatik (GI), volume : P-220, pages : 2087 - 2101
Müller G , Accorsi R
Why Are Business Processes Not Secure?
2013 Number Theory and Cryptography - Papers in Honor of Johannes Buchmann on the Occasion of His 60th Birthday, volume : 8260, pages : 240 - 254
back to the year overview
Accorsi R , Lehmann A
Automatic Information Flow Analysis of Business Process Models
2012 Business Process Management - 10th International Conference, BPM 2012, Tallinn, Estonia, September 3-6, 2012. Proceedings.
Accorsi R , Stocker T
Discovering Workflow Changes with Time-based Trace Clustering
2012 Post-proceedings of the IFIP Symposium on Data-Driven Process Discovery and Analysis, pages : 154 - 168
» show abstract
« hide abstract
Abstract
This paper proposes a trace clustering approach to support process discovery of configurable, evolving process models. The clustering approach allows auditors to distinguish between different process variants within a timeframe, thereby visualizing the process evolution. The main insight to cluster entries is the “distance” between activities, i.e. the number of steps between an activity pair. By observing non-transient modifications on the distance, changes in the original process shape can be inferred and the entries clustered accordingly. The paper presents the corresponding algorithms and exemplifies its usage in a running example.
Accorsi R , Zimmermann C , Müller G
On Taming the Inference Threat in Social Networks
2012 The 1st International Workshop on Privacy and Data Protection Technology (PDPT). Amsterdam Proceedings of the 1st International Workshop on Privacy and Data Protection Technology (PDPT)
Accorsi R , Stocker T
On the Exploitation of Process Mining for Security Audits: The Conformance Checking Case
2012 ACM Symposium on Applied Computing, SAC 2012, Riva, Trento, Italy Proceedings of the 27th Annual ACM Symposium on Applied Computing, pages : 1709 - 1716
» show abstract
« hide abstract
Abstract
Process mining stands for a set of techniques to analyze business process models and logs. However, the extent to which it can be used for security auditing has not been investigated. Focusing on conformance checking and its support in ProM, this paper reports on a case-study in the financial sector applying this technology for the auditing of relevant security requirements. Although the vast majority of requirements could be verified, we notice a large manual effort to carry out the analysis. Moreover, we identify a class of security requirements that demands process discovery for analysis, and elaborate on ways in which process mining could be extended to better suit security analyses.
back to the year overview
Accorsi R
Business Process as a Service: Chances for Remote Auditing
2011 Workshop Proceedings of the 35th Annual IEEE International Computer Software and Applications Conference, COMPSAC Workshops 2011, Munich, Germany, 18-22 July 2011, pages : 398 - 403
Accorsi R , Stocker H
Discovering Workflow Changes with Time-Based Trace Clustering
2011 Data-Driven Process Discovery and Analysis - First International Symposium, SIMPDA 2011, Campione d'Italia, Italy, June 29 - July 1, 2011, Revised Selected Papers, pages : 154 - 168
Accorsi R , Wonnemann C
Informationsfluss-Mechanismen zur Zertifizierung von Cloud-basierten Geschäftsprozessen
2011 Deutscher IT-Sicherheitskongress des BSI
Accorsi R
Reliably secure business process specifications
2011 Grande Region Security and Reliability Day, Trier, Germany Proceedings of the Grande Region Security and Reliability Day
Accorsi R , Wonnemann C , Dochow S
SWAT: A Security Workflow Analysis Toolkit for Reliably Secure Process-aware Information Systems
2011 Sixth International Conference on Availability, Reliability and Security, ARES 2011, Vienna, Austria, August 22-26, 2011, pages : 692 - 697
Accorsi R , Wonnemann C
Strong Non-Leak Guarantees for Workflow Models
2011 ACM Symposium on Applied Computing (Enterprise Engineering Track). TaiChung, Taiwan Proceedings of ACM Symposium on Applied Computing (Enterprise Engineering Track)
Accorsi R , Wonnemann C , Stocker T
Towards forensic data flow analysis of business process logs
2011 Sixth International Conference on IT Security Incident Management and IT Forensics, IMF 2011, Stuttgart, Germany Proceedings of the 6th International Conference on IT Security Incident Management & IT Forensics, pages : 3 - 20
» show abstract
« hide abstract
Abstract
This paper presents RecIF, a forensic technique for the analysis of business process logs to detect illegal data flows. RecIF uses propagation graphs to formally capture the data flow within a process execution. Abstracting away from the concrete traces, propagation graphs are analyzed with extensional data flow policies that denote what -- instead of how -- relevant industrial requirements, e.g. Chinese Wall and separation of duty constraints, are to be achieved. An example and the corresponding runtime figures demonstrate the feasibility of the approach.
Accorsi R , Stocker T
Towards security-aware process mining
2011 IFIP Symposium on Data-Driven Process Discovery and Analysis
» show abstract
« hide abstract
Abstract
This paper reports on ongoing work towards a novel ap-
proach to process mining to support security audits in dynamic PAIS.
back to the year overview
Accorsi R , Wonnemann C
Auditing Workflow Executions against Dataflow Policies
2010 Conference on Business Information Systems, Berlin, Germany Proceedings of the Conference on Business Information Systems, Lecture Notes in Business Information Processing, volume : 47, pages : 207 - 217
back to the year overview
Accorsi R
Log Data as Digital Evidence: What Secure Logging Protocols Have to Offer?
2009 1st IEEE Workshop on Computer Forensics in Software Engineering, Seattle, Washington, USA Proceedings of the 1st IEEE Workshop on Computer Forensics in Software Engineering
Accorsi R , Stocker T
On Frameworks for the Visualization of Privacy Policies Implications
2009 W3C Workshop on Access Control Application Scenarios, Luxemburg W3C Workshop on Access Control Application Scenarios
» show abstract
« hide abstract
Abstract
Privacy policies provide a way to automate the control of
data access and usage across different systems and enterprise domains.
Due to the ever growing complexity and number of policies, users are
often unaware of the amount of information they implicitly release as
a function of a given (possibly negotiated or combined) privacy policy.
This is substantiated by a several experiments demonstrating that users
fail to capture their privacy preferences when specifying their policies.
Below, we motivate the need for frameworks to compute and visualize the
implications of a policy, i.e. to make implicit access and usage decisions
explicit to users. In enhancing the usability of policy specification and
negotiation, users are eventually able to define more precise policies,
which is an essential feature for current computing models based on
social networks and cloud and ubiquitous computing.
Wonnemann C , Accorsi R
On Information Flow Forensics in Business Application Scenarios
2009 4th IEEE Workshop on Security, Trust, and Privacy for Software Applications, Seattle, Washington, USA Proceedings of the 4th IEEE Workshop on Security, Trust, and Privacy for Software Applications
Wonnemann C , Accorsi R , Müller G
On Information Flow Forensics in Business Application Scenarios
2009 Proceedings of the 33rd Annual IEEE International Computer Software and Applications Conference, COMPSAC 2009, Seattle, Washington, USA, July 20-24, 2009. Volume 2, pages : 324 - 328
Lowis L , Accorsi R
On a Classification Approach for SOA Vulnerabilities
2009 1st IEEE Workshop on Security Aspects of Process and Services Engineering, Seattle, Washington, USA Proceedings of the 1st IEEE Workshop on Security Aspects of Process and Services Engineering
Accorsi R
Safekeeping Digital Evidence with Secure Logging Protocols: State of the Art and Challenges
2009 5th Conference on IT Security Incident Management & IT Forensics, Stuttgart, Germany Proceedings of the 5th Conference on IT Security Incident Management & IT Forensics
back to the year overview
Accorsi R , Stocker T
Automated Privacy Audits Based on Pruning of Log Data.
2008 12th International IEEE Enterprise Distributed Object Computing Conference, ECOC 2008, München Proceedings of the 12th Enterprise Distributed Object Computing Conference Workshops, pages : 175 - 182
» show abstract
« hide abstract
Abstract
This paper presents a novel approach to automated audits based on the pruning of log data represented as trees. Events, recorded as a sequential list of entries, are interpreted as nodes of a tree. The audit consists in removing the nodes that are compliant with the policy, so that the remaining tree consists only of the violations of the policy. Besides presenting the method, this paper demonstrates that the resultant method is more efficient than usual audit approaches by analyzing its theoretical complexity and the runtime figures obtained by a proof of concept.
Accorsi R
Automated Privacy Audits to Complement the Notion of Control for Identity Management.
2008 IFIP. Policies and Research in Identity Management, volume : 261, pages : 39 - 48
Strüker J , Accorsi R , Müller G
On Providing One-to-One Marketing with Customers' Privacy in Stationary Retail.
2008 IEEE Joint Conference on E-Commerce Technology Proceedings of the IEEE Joint Conference on E-Commerce Technology, pages : 44 - 49
back to the year overview
Accorsi R
Automated Privacy Audits to Complement the Notion of Control for Identity Management
2007 Policies and Research in Identity Management - First IFIP WG11.6 Working Conference on Policies and Research in Identity Management (IDMAN'07), RSM Erasmus University, Rotterdam, The Netherlands, Octo, pages : 39 - 48
Kähmer M , Accorsi R
Kundenkarten in hochdynamischen Systemen - Von einer Gefährdung zum Schutz der Privatsphäre
2007 Proceedings of the Conference on Communication in Distributed Systems, Workshop on Network Configuration and Security, pages : 21 - 26
Accorsi R , Bernauer M
On Privacy Evidence for UbiComp Environments -- Broadening the Notion of Control to Improve User Acceptance.
2007 5th Workshop on Privacy in UbiComp Proceedings of the 5th Workshop on Privacy in UbiComp
Accorsi R
Privacy Evidence to Complement the Notion of Control for Identity Management
2007 IFIP Conference on Policies and Research in Identity Management Proceedings of the IFIP Conference on Policies and Research in Identity Management
back to the year overview
Accorsi R , Kähmer M , Müller G
Security in UbiComp: Protection through Commandments
2005 Seventh Conference on Ubiquitous Computing The Poster Session at the Seventh Conference on Ubiquitous Computing
Accorsi R
Towards a Secure Logging Mechanism for Dynamic Systems
2005 7th IT Security Symposium. São José dos Campos, Brazil Proceedings to the 7th IT Security Symposium
Other publications
Years:
2012 |
2010 |
2008 |
2007 |
2006 |
2005 |
2001 |
2000 |
1998
|
show all
back to the top of all publications
back to the year overview
back to the year overview