Publications
Filtered by author: Stocker T
Conference papers
Stocker T , Accorsi R
SecSy: A Security-oriented Tool for Synthesizing Process Event Logs
2014 Proceedings of the BPM Demo Sessions 2014 Co-located with the 12th International Conference on Business Process Management (BPM 2014), Eindhoven, The Netherlands, September 10, 2014, volume : 1295
Accorsi R , Holderer J , Stocker T , Zahoransky R
Security Workflow Analysis Toolkit
2014 Sicherheit 2014: Sicherheit, Schutz und Zuverlässigkeit, Beiträge der 7. Jahrestagung des Fachbereichs Sicherheit der Gesellschaft für Informatik e.V. (GI), 19.-21. März 2014, Wien, Österreich, volume : 228, pages : 433 - 442
Stocker T , Böhr F
IF-Net: A Meta-Model for Security-Oriented Process Specification
2013 9th International Workshop, STM 2013, Egham, UK Proceedings of the 12th International IEEE Enterprise Distributed Object Computing Conference, volume : 8203, pages : 191 - 206
Abstract
In this paper we propose a new Petri net-based meta-model for the specification of workflows. While existing approaches for workflow modeling typically address the consistency of process models, there is no de-facto standard for models which also comprise security-related aspects. Besides basic workflow properties such as executing subjects and transition guards, the proposed IF-Net approach allows net parts to be annotated with security levels in a way that information flow control mechanisms can be applied. By introducing distinguishable token types, IF-Net allows the modeling of both the control and data flow of a workflow in an intuitive way. Altogether IF-Net allows the specification of workflows in a detailed way and provides a basis for the formal verification of security properties on these specifications.
Accorsi R , Stocker T , Mueller G
On the Exploitation of Process Mining for Security Audits: The Process Discovery Case
2013 Proceedings of the 28th Annual ACM Symposium on Applied Computing, pages : 1462 - 1468
Abstract
This paper reports on the potential of process mining as a basis for security audits of business process and corresponding business process management systems. In particular, it focuses on process discovery as a means to reconstruct process-related structures from event logs, such as the process’ control flow, social network and data flows. Based on this information, security analysis to determine the compliance with security and privacy requirements can be automated.
Accorsi R , Stocker T
SecSy: Synthesizing Smart Process Event Logs
2013 Enterprise Modelling and Information Systems Architectures: Proceedings of the 5th International Workshop on Enterprise Modelling and Information Systems Architectures, EMISA 2013, St. Gallen, Switzerland, September 5-6, 2013, volume : 222, pages : 71 - 84
Stocker T
Data Flow-oriented Process Mining to Support Security Audits
2012 Service-Oriented Computing - ICSOC 2011 Workshops ICSOC Workshops, volume : 7221, pages : 171 - 176
Abstract
The automated execution of dynamically-evolving business processes in service-oriented architectures requires audit methods to assert that they fulfill required security properties. Process mining techniques can provide models for the actual process behavior, but mostly disregard the dynamics of processes running in highly flexible environments and neglect the data flow perspective. This research plan is on novel data-oriented mining techniques to tackle these shortcomings in order to support effective security audits.
Accorsi R , Stocker T
Discovering Workflow Changes with Time-based Trace Clustering
2012 Post-proceedings of the IFIP Symposium on Data-Driven Process Discovery and Analysis, pages : 154 - 168
Abstract
This paper proposes a trace clustering approach to support process discovery of configurable, evolving process models. The clustering approach allows auditors to distinguish between different process variants within a timeframe, thereby visualizing the process evolution. The main insight to cluster entries is the “distance” between activities, i.e. the number of steps between an activity pair. By observing non-transient modifications on the distance, changes in the original process shape can be inferred and the entries clustered accordingly. The paper presents the corresponding algorithms and exemplifies its usage in a running example.
Accorsi R , Stocker T
On the Exploitation of Process Mining for Security Audits: The Conformance Checking Case
2012 ACM Symposium on Applied Computing, SAC 2012, Riva, Trento, Italy Proceedings of the 27th Annual ACM Symposium on Applied Computing, pages : 1709 - 1716
Abstract
Process mining stands for a set of techniques to analyze business process models and logs. However, the extent to which it can be used for security auditing has not been investigated. Focusing on conformance checking and its support in ProM, this paper reports on a case-study in the financial sector applying this technology for the auditing of relevant security requirements. Although the vast majority of requirements could be verified, we notice a large manual effort to carry out the analysis. Moreover, we identify a class of security requirements that demands process discovery for analysis, and elaborate on ways in which process mining could be extended to better suit security analyses.
Stocker T
Time-based Trace Clustering for Evolution-aware Security Audits
2011 BPM 2011 International Workshops, Clermont-Ferrand, France Business Process Management Workshops (2), volume : 100, pages : 471 - 476
Abstract
This paper proposes a novel trace clustering approach for workflow mining to allow for security audits that regard the evolution of process models along time. Specifically, the trace-clustering method allows auditors to distinguish between different “active” process variants within a timeframe, thereby allowing the visualization of the process evolution. Separately analyzing subsequent process variants allows auditors to localize time-frames and corresponding models for identified vulnerabilities and thus more sophisticated security audits.
Accorsi R , Wonnemann C , Stocker T
Towards forensic data flow analysis of business process logs
2011 Sixth International Conference on IT Security Incident Management and IT Forensics, IMF 2011, Stuttgart, Germany Proceedings of the 6th International Conference on IT Security Incident Management & IT Forensics, pages : 3 - 20
Abstract
This paper presents RecIF, a forensic technique for the analysis of business process logs to detect illegal data flows. RecIF uses propagation graphs to formally capture the data flow within a process execution. Abstracting away from the concrete traces, propagation graphs are analyzed with extensional data flow policies that denote what -- instead of how -- relevant industrial requirements, e.g. Chinese Wall and separation of duty constraints, are to be achieved. An example and the corresponding runtime figures demonstrate the feasibility of the approach.
Accorsi R , Stocker T
Towards security-aware process mining
2011 IFIP Symposium on Data-Driven Process Discovery and Analysis
Abstract
This paper reports on ongoing work towards a novel approach to process mining to support security audits in dynamic PAIS.
Accorsi R , Stocker T
On Frameworks for the Visualization of Privacy Policies Implications
2009 W3C Workshop on Access Control Application Scenarios, Luxemburg W3C Workshop on Access Control Application Scenarios
Abstract
Privacy policies provide a way to automate the control of data access and usage across different systems and enterprise domains. Due to the ever growing complexity and number of policies, users are often unaware of the amount of information they implicitly release as a function of a given (possibly negotiated or combined) privacy policy. This is substantiated by several experiments demonstrating that users fail to capture their privacy preferences when specifying their policies. Below, we motivate the need for frameworks to compute and visualize the implications of a policy, i.e. to make implicit access and usage decisions explicit to users. In enhancing the usability of policy specification and negotiation, users are eventually able to define more precise policies, which is an essential feature for current computing models based on social networks and cloud and ubiquitous computing.
Accorsi R , Stocker T
Automated Privacy Audits Based on Pruning of Log Data.
2008 12th International IEEE Enterprise Distributed Object Computing Conference, ECOC 2008, München Proceedings of the 12th Enterprise Distributed Object Computing Conference Workshops, pages : 175 - 182
Abstract
This paper presents a novel approach to automated audits based on the pruning of log data represented as trees. Events, recorded as a sequential list of entries, are interpreted as nodes of a tree. The audit consists in removing the nodes that are compliant with the policy, so that the remaining tree consists only of the violations of the policy. Besides presenting the method, this paper demonstrates that the resultant method is more efficient than usual audit approaches by analyzing its theoretical complexity and the runtime figures obtained by a proof of concept.