SecBpmn & DM

Data-minimization and Fairness-aware SecBPMN2

Detecting conflicts between security, data-minimization, and fairness requirements is a challenging task. Since such conflicts arise in the specific context of how the technical and organizational components of the target system interact with each other, their detection requires a thorough understanding of the underlying business processes. For example, a process may require anonymous execution for a task that writes data to a secure data storage, where the identity of the executor is needed for the purpose of accountability.

To address this challenge, we propose an extension of the SecBPMN2 modeling language to enable:

  1. The specification of process-oriented security, data-minimization and fairness requirements.
  2. The specification of security, data-minimization and fairness requirements as SecBPMN2 queries that can be verified against Security, data-minimization, and fairness-annotated SecBPMN2 models.
  3. The detection of conflicts between these requirements based on a catalog of domain-independent anti-patterns.

Latest available version

Name Version Operating
System
Release
Date
Min. Java
version
Size
STS-Tool SecBpmn & DM - Win 32bit 1.1.1 Windows 32 bit February 06, 2019 Java 7 108 MB
STS-Tool SecBpmn & DM - Win 64bit 1.1.1 Windows 64 bit February 06, 2019 Java 7 108 MB
STS-Tool SecBpmn & DM - Linux 32bit 1.1.1 Linux 32 bit February 06, 2019 Java 7 108 MB
STS-Tool SecBpmn & DM - Linux 64bit 1.1.1 Linux 64 bit February 06, 2019 Java 7 108 MB
STS-Tool SecBpmn & DM - Mac 64bit 1.1.1 MacOs 64 bit February 06, 2019 Java 7 108 MB

 

Additional files