SecBpmn & DM

Data-minimization and Fairness-aware SecBPMN2

Detecting conflicts between security, data-minimization, and fairness requirements is a challenging task. Since such conflicts arise in the specific context of how the technical and organizational components of the target system interact with each other, their detection requires a thorough understanding of the underlying business processes. For example, a process may require anonymous execution for a task that writes data to a secure data storage, where the identity of the executor is needed for the purpose of accountability.

To address this challenge, we propose an extension of the SecBPMN2 modeling language to enable:

  1. The specification of process-oriented security, data-minimization and fairness requirements.
  2. The specification of security, data-minimization and fairness requirements as SecBPMN2 queries that can be verified against Security, data-minimization, and fairness-annotated SecBPMN2 models.
  3. The detection of conflicts between these requirements based on a catalog of domain-independent anti-patterns.

Latest available version

Name Version Operating System Release Date Min. Java version Size
STS-Tool SecBpmn & DM v.1.0.0 windows32bit 1.0.0 Windows 32 bit 2018-03-03 Java 7 107.9 MB
STS-Tool SecBpmn & DM v.1.0.0 windows64bit 1.0.0 Windows 64 bit 2018-03-03 Java 7 107.9 MB
STS-Tool SecBpmn & DM v.1.0.0 linux32bit 1.0.0 Linux 32 bit 2018-03-03 Java 7 107.8 MB
STS-Tool SecBpmn & DM v.1.0.0 linux64bit 1.0.0 Linux 64 bit 2018-03-03 Java 7 108 MB
STS-Tool SecBpmn & DM v.1.0.0 mac64bit 1.0.0 Mac 64 bit 2018-03-03 Java 7 107.5 MB

Additional files

About the extension's author

The data-minimization and fairness-aware extension for STS and SecBppmn has been developed by Qusai Ramadan.