Security Compliance Tracking of
Processes in Networked Cooperating Systems 1
Fraunhofer Institute SIT, Darmstadt, Germany 2 Philipps-Universität
Marburg, Germany Abstract Systems of systems that collaborate for a common purpose are called cooperating systems. Typical examples of novel cooperating systems are electronic health systems and electronic money transfer systems but also critical infrastructures, such as future vehicular ad hoc networks and distributed air traffic management systems. Business processes and technical workflows control the cooperation of the networked systems. Important safety and security goals of the applications, business goals, and external compliance requirements create security obligations for such processes. These processes must not only be secure, they must be demonstrably so. To support this, we present an approach for security compliance tracking of processes in networked cooperating systems using an advanced method of predictive security analysis at runtime. At that, operational models are utilized for: (a) tracking conformance of process behavior with respect to the specification, (b) detection of behavior anomalies which indicate possible attacks, (c) tracking compliance of process behavior with respect to safety and security requirements, and (d) prediction of possible violations of safety and security policies in the near future. We provide an extensive background analysis, introduce the model-based conformance tracking and uncertainty management algorithm, and describe security compliance tracking and model-based behavior prediction. We demonstrate the implementation of the proposed approach on a critical infrastructure scenario from a European research project. Keywords: Predictive Security Analysis,
Model-based Process Behavior Analysis, Security Modeling and Simulation,
Security Compliance Monitoring, Security Information and Event Management,
Governance and Compliance, Security of Critical Infrastructures +: Corresponding author: Roland Rieke Journal
of Wireless Mobile Networks, Ubiquitous Computing, and Dependable
Applications (JoWUA), |