Security in business process engineering

Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)

Volumn 2678, Issue , 2003, Pages 168-183

  Backes, Michael ^a   Pfitzmann, Birgit ^a   Waidner, Michael ^a  

^a IBM RESEARCH ZURICH   (Switzerland)

Author keywords

Design; Security in Business Process Modeling; Verification and Validation

Indexed keywords

ADMINISTRATIVE DATA PROCESSING; CRYPTOGRAPHY; DESIGN; ENTERPRISE RESOURCE MANAGEMENT; PETRI NETS; PROCESS ENGINEERING; SPECIFICATIONS; SYSTEMS ENGINEERING;

CRYPTOGRAPHIC IMPLEMENTATION; DEVELOPMENT PROCESS; GENERAL METHODOLOGIES; MALICIOUS ADVERSARIES; SECURITY IN BUSINESS PROCESS; SECURITY REQUIREMENTS; TRUST RELATIONSHIP; VERIFICATION-AND-VALIDATION;

FORMAL VERIFICATION;

EID: 33644553339     PISSN: 03029743     EISSN: 16113349     Source Type: Book Series    
DOI: 10.1007/3-540-44895-0_12     Document Type: Article

References (29)

1. N. Asokan, V. Shoup, and M. Waidner. Asynchronous protocols for optimistic fair exchange. In Proc. 19th IEEE Symposium on Security & Privacy, pages 86-99, 1998.
2. M. Backes and C. Jacobi. Cryptographically sound and machine-assisted verification of security protocols. In Proc. 20th Annual Symposium on Theoretical Aspects of Computer Science (STACS), volume 2607 of Lecture Notes in Computer Science, pages 675-686. Springer, 2003.
3. M. Backes, C. Jacobi, and B. Pfitzmann. Deriving Cryptographically sound implementations using composition and formally verified bisimulation. In Proc. 11th Symposium on Formal Methods Europe (FME 2002), volume 2391 of Lecture Notes in Computer Science, pages 310-329. Springer, 2002.
4. M. Backes and B. Pfitzmann. Computational probabilistic non-interference. In Proc. 7th European Symposium on Research in Computer Security (ESORICS), volume 2502 of Lecture Notes in Computer Science, pages 1-23. Springer, 2002.
5. M. Backes, B. Pfitzmann, M. Steiner, and M. Waidner. Polynomial fairness and liveness. In Proc. 15th IEEE Computer Security Foundations Workshop (CSFW), pages 160-174, 2002.
6. M. Backes, B. Pfitzmann, and M. Waidner. A universally composable cryptographic library. IACR Cryptology ePrint Archive 2003/015, Jan. 2003. http://eprint.iacr.org/.
7. S. Bensalem, V. Ganesh, Y. Lakhnech, C. Muñoz, S. Owre, H. Rueß, J. Rushby, V. Rusu, H. Saïdi, N. Shankar, E. Singerman, and A. Tiwari. An overview of SAL. In LFM 2000: Fifth NASA Langley Formal Methods Workshop, pages 187-196, 2000.
8. C. Cachin and J. A. Poritz. Secure intrusion-tolerant replication on the Internet. In Proc. International Conference on Dependable Systems and Networks (DSN), pages 167-176, 2002.
9. E. Clark, O. Grumberg, and D. Peled. Model Checking. The MIT Press, 1999.
10. D. Dolev and A. C. Yao. On the security of public key protocols. IEEE Transactions on Information Theory, 29(2):198-208, 1983.
11. D. Harel and M. Politi. Modeling Reactive Systems with Statecharts: The Statemate Approach. McGraw-Hill, 1998.
12. C. A. R. Hoare. Communicating Sequential Processes. International Series in Computer Science, Prentice Hall, Kernel Hempstead, 1985.
13. W. Janssen, R. Mateescu, S. Mauw, P. Fennema, and P. van der Stappen. Model checking for managers. In Proc. Theoretical and Practical Aspects of SPIN Model Checking, volume 1680 of Lecture Notes in Computer Science, pages 92-107. Springer, 1999.
14. J. Jürjens. Towards development of secure systems using UMLsec. In Proc. Fundamental Approaches for Software Engineering (FASE), pages 187-200, 2001.
15. E. Kindler and T. Vesper. A temporal logic for events and states. In Proc. 19th International Conference on Application and Theory of Petri Nets, volume 1420 of Lecture Notes in Computer Science, pages 365-384. Springer, 1998.
16. C. Klauck and H.-J. Mueller. Formal business process engineering based on grammer graphs. International Journal on Production Economics, 50:129-140, 1997.
17. J. Koehler, G. Tirenni, and S. Kumaran. From business process model to consistent implementation: A case for formal verification methods. In Proc. 6th IEEE International Enterprise Distributed Object Computing Conference (EDOC), pages 96-106, 2002.
18. M. Koubarakis and D. Plexousakis. A formal model for business process modelling and design. In Proc. Conference on Advanced Information System Engineering, pages 142-156, 2000.
19. T. Lodderstedt, D. Basin, and J. Doser. SecureUML: A UML-based modeling language for model-driven security. In Proc. 5th International Conference on the Unified Modeling Language, volume 2460 of Lecture Notes in Computer Science, pages 425-441. Springer, 2002.
20. G. Lowe. Breaking and fixing the Needham-Schroeder public-key protocol using FDR. In Proc. 2nd International Conference on Tools and Algorithms for the Construction and Analysis of Systems (TACAS), volume 1055 of Lecture Notes in Computer Science, pages 147-166. Springer, 1996.
21. N. Lynch. Distributed Algorithms. Morgan Kaufmann Publishers, San Francisco, 1996.
22. D. O'Riordan. Business process standards for web services, available at http://www.webservicesarchitect.com/content/articles/BPSFWSBDO.pdf.
23. S. Owre, N. Shankar, and J. M. Rushby. PVS: A prototype verification system. In Proc. 11th International Conference on Automated Deduction (CADE), volume 607 of Lecture Notes in Computer Science, pages 748-752. springer, 1992.
24. L. Paulson. The inductive approach to verifying cryptographic protocols. Journal of Cryptology, 6(1):85-128, 1998.
25. B. Pfitzmann, M. Schunter, and M. Waidner. Cryptographic security of reactive systems. Presented at the DERA/RHUL Workshop on Secure Architectures and Information Flow, Electronic Notes in Theoretical Computer Science (ENTCS), March 2000. http://www.elsevier.nl/cas/tree/store/tcs/free/noncas/pc/menu.htm.
26. B. Pfitzmann and M. Waidner. A model for asynchronous reactive systems and its application to secure message transmission. In Proc. 22nd IEEE Symposium on Security & Privacy, pages 184-200, 2001.
27. A. W. Roscoe. Modelling and verifying key-exchange protocols using CSP and FDR. In Proc. 8th IEEE Computer Security Foundations Workshop (CSFW), pages 98-107, 1995.
28. A. W. Roscoe and P. Broadfoot. Proving security protocols with model checkers by data independence techniques. Journal of Computer Security, 7(2,3):147-190, 1998.
29. A.C. Yao. Theory and applications of trapdoor functions. In Proc. 23rd IEEE Symposium on Foundations of Computer Science (FOCS), pages 80-91, 1982.