Security Compliance Tracking of Processes in Networked Cooperating Systems

Roland Rieke1, 2+, Maria Zhdanova1, and Jürgen Repp1
 

1 Fraunhofer Institute SIT, Darmstadt, Germany
{roland.rieke, maria.zhdanova, juergen.repp}@sit.fraunhofer.de

 

2 Philipps-Universität Marburg, Germany  

 

 

Abstract

Systems of systems that collaborate for a common purpose are called cooperating systems. Typical examples of novel cooperating systems are electronic health systems and electronic money transfer systems but also critical infrastructures, such as future vehicular ad hoc networks and distributed air traffic management systems. Business processes and technical workflows control the cooperation of the networked systems. Important safety and security goals of the applications, business goals, and external compliance requirements create security obligations for such processes. These processes must not only be secure, they must be demonstrably so. To support this, we present an approach for security compliance tracking of processes in networked cooperating systems using an advanced method of predictive security analysis at runtime. At that, operational models are utilized for: (a) tracking conformance of process behavior with respect to the specification, (b) detection of behavior anomalies which indicate possible attacks, (c) tracking compliance of process behavior with respect to safety and security requirements, and (d) prediction of possible violations of safety and security policies in the near future. We provide an extensive background analysis, introduce the model-based conformance tracking and uncertainty management algorithm, and describe security compliance tracking and model-based behavior prediction. We demonstrate the implementation of the proposed approach on a critical infrastructure scenario from a European research project.

 

Keywords: Predictive Security Analysis, Model-based Process Behavior Analysis, Security Modeling and Simulation, Security Compliance Monitoring, Security Information and Event Management, Governance and Compliance, Security of Critical Infrastructures

 

+: Corresponding author: Roland Rieke
Fraunhofer Institute SIT, Rheinstrasse 75, 64295 Darmstadt, Germany, Web: http://rieke.link/

 

Journal of Wireless Mobile Networks, Ubiquitous Computing, and Dependable Applications (JoWUA),
Vol. 6, No. 2, pp. 21-40, June 2015 [pdf]