Many information systems today record all operations executed by their users and components. Most such executions conform to the business processes defined by their designers; however, in some systems, such as health care systems, the executors deviate from what has been specified because of external factors.
For example, a doctor in a health care system may decide to skip a task or change the order of execution to save the life of a patient. Nevertheless, some deviations may threaten the assets of the organization, and immediate corrective action must be taken to mitigate the threat.
The LogCompliance plugin is part of the STS-Tool toolset. It analyzes anomalous log traces and identifies the security-critical ones. The plugin builds on the SecBPMN2 plugin of the STS-Tool toolset, which is used to specify business processes and security policies. LogCompliance uses the SecBPMN2 business process specified by the user to identify the log traces that deviate from it, and then runs a security analysis on them based on the security policies defined with SecBPMN2. If a log trace fails the verification, it is classified as security-critical and shown to the user.
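The two-stage check described above (find deviating traces, then verify them against security policies), as an added Python example that is not LogCompliance's own code. The process model as a succession relation, the task and executor names, the log and both policies are constructed assumptions and do not use SecBPMN2 syntax.

```python
# Constructed process model: for each task, the tasks allowed to follow it directly.
MODEL = {
    "START": {"register_patient"},
    "register_patient": {"obtain_consent"},
    "obtain_consent": {"examine_patient"},
    "examine_patient": {"prescribe_treatment"},
    "prescribe_treatment": {"END"},
}
# Constructed log: trace id -> ordered (task, executor) events.
LOG = {
    "t1": [("register_patient", "nurse_a"), ("obtain_consent", "nurse_a"),
           ("examine_patient", "dr_b"), ("prescribe_treatment", "dr_b")],
    "t2": [("register_patient", "nurse_a"), ("examine_patient", "dr_b"),
           ("obtain_consent", "nurse_a"), ("prescribe_treatment", "dr_b")],
    "t3": [("register_patient", "nurse_a"), ("examine_patient", "dr_b"),
           ("prescribe_treatment", "dr_b")],
    "t4": [("register_patient", "nurse_a"), ("obtain_consent", "nurse_a"),
           ("prescribe_treatment", "nurse_a")],
}

def precedes(first, then):
    """Policy: every occurrence of `then` must come after some `first`."""
    def check(trace):
        seen = False
        for task, _ in trace:
            if task == first:
                seen = True
            elif task == then and not seen:
                return False
        return True
    return check

def executed_by(task, allowed):
    """Policy: `task` may only be executed by one of the `allowed` users."""
    return lambda trace: all(who in allowed for t, who in trace if t == task)

# Hypothetical security policies, checked only on deviating traces.
POLICIES = {
    "consent_before_prescription": precedes("obtain_consent", "prescribe_treatment"),
    "prescription_by_doctor": executed_by("prescribe_treatment", {"dr_b"}),
}

def deviates(trace, model=MODEL):
    """True if any step of the trace is not a succession the model allows."""
    tasks = ["START"] + [task for task, _ in trace] + ["END"]
    return any(b not in model.get(a, set()) for a, b in zip(tasks, tasks[1:]))

def classify(log, policies=POLICIES):
    """Label each trace compliant, deviating, or security-critical."""
    result = {}
    for tid, trace in log.items():
        failed = [n for n, ok in policies.items() if not ok(trace)] if deviates(trace) else []
        label = "security-critical" if failed else ("deviating" if deviates(trace) else "compliant")
        result[tid] = (label, failed)
    return result
```

Trace `t2` reorders tasks without breaking a policy, so it is reported as a deviation only; `t3` and `t4` deviate and also fail a policy, which is the case the plugin surfaces to the user.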
You can download LogCompliance directly from the plugin manager of STS-Tool, or download STS-Tool with the plugin already installed from the following list.
Latest available version
The manual for the Log Compliance plug-in describes how to use the plug-in and guides users toward obtaining correct results.
- Log Compliance User Guide (777.4 KB)
These examples show what to expect as a result of using the plug-in. We provide exported STS project files that contain a SecBPMN2 file, a log file and a few security policies. To import the projects into STS-Tool, start the software, then click File -> Import.. and select the file you downloaded.
To see the business process file and log file, navigate within the opened project to the folder Model -> SecBPMN2 -> business processes.
To see the security policy files, navigate to Model -> SecBPMN2 -> security policies -> user.
A simple example about the interaction between the doctor and patient.