IIT Home Page CNR Home Page

Automated synthesis and ranking of secure BPMN orchestrators

We describe a formal methodology for the automatic synthesis of a secure orchestrator for a set of BPMN processes.The synthesized orchestrator is able to guarantee that all the processes that are started reach their end, and the resulting orchestrator process is secure, that is, it does not allow disclosure of certain secret messages.In this work we present an implementation of a forth and back translation from BPMN to crypto-CCS, in such a way to exploit the PaMoChSA tool for synthesizing orchestrators.Furthermore, we study the problem of ranking orchestrators based on quantitative valuations of a process, and on the temporal evolution of such valuations and their security, as a function of the knowledge of the attacker.

 


International Journal of Secure Software Engineering JISSE, 2014

External authors: Vincenzo Ciancia (ISTI-CNR), Jose Antonio Martin (UMA), Ernesto Pimentel (UMA)
IIT authors:

Type: Article in non-ISI Journal with international referees
Field of reference: Information Technology and Communication Systems
Available online at http://www.igi-global.com/article/automated-synthesis-and-ranking-of-secure-bpmn-orchestrators/113726 Da pagina 44 a pagina 64

Activity: Metodi formali per la sicurezza di sistemi ICT
Architetture, protocolli e meccanismi di sicurezza per sistemi e servizi distribuiti