Automated Synthesis and Ranking of Secure BPMN Orchestrators

Author

Ciancia, V. ; Martinelli, F. ; Matteucci, Ilaria ; Petrocchi, Marinella ; Martin, Jose Antonio ; Pimentel, E.

Author_Institution

Ist. di Inf. e Telematica, Pisa, Italy

fYear

2013

fDate

2-6 Sept. 2013

Firstpage

455

Lastpage

464

Abstract

We describe a formal methodology for the automatic synthesis of a secure orchestrator for a set of BPMN processes. The synthesized orchestrator is able to guarantee that all the processes that are started reach their end, and the resulting orchestrator process is secure, that is, it does not allow discloure of certain secret messages. In this work we present an implementation of a forth and back translation from BPMN to crypto-CCS, in such a way to exploit the PaMoChSA tool for synthesizing orchestrators. Furthermore, we study the problem of ranking orchestrators based on quantitative valuations of a process, and on the temporal evolution of such valuations and their security, as a function of the knowledge of the attacker.

Keywords

business data processing; cryptography; formal verification; PaMoChSA tool; automated secure BPMN orchestrator ranking; automated secure BPMN orchestrator synthesis; business process modelling notation; crypto-CCS; formal methodology; quantitative valuations; temporal evolution; Collaboration; Cryptography; Insurance; Logic gates; Reactive power; Semantics; Business Process Modelling Notation; Partial Model Checking; Process Algebras; Quantitative security; Secure Service Composition; Synthesis of Functional and Secure Processes;

fLanguage

English

Publisher

ieee

Conference_Titel

Availability, Reliability and Security (ARES), 2013 Eighth International Conference on

Conference_Location

Regensburg

Type

conf

DOI

10.1109/ARES.2013.60

Filename

6657276