Fraunhofer-Gesellschaft

Publica

Hier finden Sie wissenschaftliche Publikationen aus den Fraunhofer-Instituten.

Security compliance tracking of processes in networked cooperating systems

 
: Rieke, Roland; Zhdanova, Maria; Repp, Jürgen

:
Volltext (PDF; )

Journal of Wireless Mobile Networks, Ubiquitous Computing, and Dependable Applications : JoWUA 6 (2015), Nr.2, S.21-40
ISSN: 2093-5374 (Print)
ISSN: 2093-5382 (Online)
Englisch
Zeitschriftenaufsatz, Elektronische Publikation
Fraunhofer SIT ()
predictive security analysis; model-based process behavior analysis; security modelling and simulation; security compliance monitoring; security information and event management; governance and compliance; security of critical infrastructures

Abstract
Systems of systems that collaborate for a common purpose are called cooperating systems. Typical examples of novel cooperating systems are electronic health systems and electronic money Transfer systems but also critical infrastructures, such as future vehicular ad hoc networks and distributed air traffic management systems. Business processes and technical workflows control the cooperation of the networked systems. Important safety and security goals of the applications, Business goals, and external compliance requirements create security obligations for such processes. These processes must not only be secure, they must be demonstrably so. To support this, we present an approach for security compliance tracking of processes in networked cooperating systems using an advanced method of predictive security analysis at runtime. At that, operational models are utilized for: (a) tracking conformance of process behavior with respect to the specification, (b) detection of behavior anomalies which indicate possible attacks, (c) tracking compliance of process behavior with respect to safety and security requirements, and (d) prediction of possible violations of safety and security policies in the near future. We provide an extensive background analysis, introduce the model-based conformance tracking and uncertainty management algorithm, and describe security compliance tracking and model-based behavior prediction. We demonstrate the implementation of the proposed approach on a critical infrastructure scenario from a European research project.

: http://publica.fraunhofer.de/dokumente/N-375173.html