An Open-Source Proactive Security
Infrastructure for Business Process
Management
Dr. Ángel Jesús Varela Vaca
María Teresa Gómez-López, David Jiménez Vargas, Rafael Martínez Gasca,
Antonio J. Suárez, Pedro J. Abad
IDEA Research Group,
ETS. Ingeniería Informática -
Department of Computer Languages and Systems
University of Seville
Outline
 Background
 Security Challenges
 Infrastructure / Case study
 Conclusions and future works
Background
[Figure labels: Internet; BPMS with process tasks T1, T2, T3, ...; Customers; Execute/Enact; Data Bases]
SMEs moving to an Internet-driven market:
 Externalization and automation
 Mechanisms for data analysis
Background
[Figure labels: Internet; BPMS with process tasks T1, T2, T3, ...; Customers; Malicious Customer; Execute/Enact; Data Bases]
SECURITY
 Regulation & Law compliance
 Tech. lack of security awareness
 Small budgets
Security challenges
Wolter et al. (2011), Menzel et al. (2012)
 Mechanisms to represent security requirements at process level
Leitner et al. (2015)
 Extension to represent security in process-aware systems
Weske et al. (2007)
 Monitoring: state of the process and log data.
 Business Activity Monitoring: analyze log trails to identify problems.
Gonzalez et al. (2011)
 Active monitoring: process execution state information in real time
 Passive monitoring: information upon request
Research statements:
 How to monitor security requirements?
 How to monitor/analyze security requirements externally?
 How to check compliance of security requirements externally?
 How to be security proactive?
Infrastructure / Case Study
[Figure labels: Network; Bonita BPM (Apache + Tomcat) with process tasks T1, T2, T3, ...; Events log; Customers; Execute/Enact; API REST; Generate; steps 1 and 2]
[Figure: the Bonita BPM diagram with an added label: Groovy Connectors]
[Figure: the Bonita BPM diagram extended with step 3: Logs Agent; Log Collector; OSSIM (AlienVault); Continuous Monitoring]
Infrastructure
[Figure labels: Network; Bonita BPM (Apache + Tomcat) with process tasks T1, T2, T3, ...; Events log; Customers; Execute/Enact; API REST; Generate; steps 1 and 2; Logs Agent; Log Collector; OSSIM (AlienVault); Continuous Monitoring (step 3); Decoder; Matching; Active Response; A1, A2, A3; Rol1; Log; Send Alert; Security Admin.; Decompose, Analyse, React (1, 2, 3); Control; 3.1, 3.2, 3.3]
Rule shown in the figure:
if (T1.Rol = Rol1){
 Allow
} else {
 Deny
}
[Figure: the same monitoring diagram extended with steps 4 and 5: Send signals; Security Alerts (if any)]
Conclusions
 How to monitor security requirements?
   Using connectors to log information and an agent to collect it.
 How to monitor/analyze security requirements externally?
   AlienVault (SIEM) system.
 How to check compliance of security requirements externally?
   Engine based on rules and correlation rules.
 How to be security proactive?
   Creation of alarms and sending signals through APIs to the process execution.
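The decompose / analyse / react loop summarized in the conclusions, as an added example that is not part of the original presentation and is not OSSIM or Bonita code. The log line format, the field names, the role policy and the "suspend" signal are assumptions made for illustration, and the sample log is constructed.

```python
import re

# Constructed sample of connector-written event log lines (format is an assumption).
SAMPLE_LOG = """\
2015-11-04T10:15:02 bpm-event process=Order case=1001 task=T1 user=alice role=Rol1
2015-11-04T10:15:09 bpm-event process=Order case=1002 task=T1 user=mallory role=Rol3
2015-11-04T10:15:11 bpm-event process=Order case=1002 task=T9 user=bob role=Rol1
2015-11-04T10:15:12 garbage line without fields
"""

# Hypothetical security requirement: the role allowed to execute each task.
POLICY = {"T1": "Rol1", "T2": "Rol2"}

LINE_RE = re.compile(
    r"^(?P<ts>\S+) bpm-event process=(?P<process>\S+) case=(?P<case>\d+) "
    r"task=(?P<task>\S+) user=(?P<user>\S+) role=(?P<role>\S+)$"
)

def decode(line):
    """Decompose: turn one raw log line into a normalized event, or None."""
    m = LINE_RE.match(line.strip())
    return m.groupdict() if m else None

def analyse(event, policy=POLICY):
    """Analyse: the slide's rule, if (T1.Rol = Rol1) Allow else Deny.
    A task with no policy entry is denied (fail closed)."""
    required = policy.get(event["task"])
    return "Allow" if required is not None and event["role"] == required else "Deny"

def react(event):
    """React: build the alert for the security admin and the signal that
    would go back to the process engine (no network call is made here)."""
    alert = "DENY task={task} case={case} user={user} role={role}".format(**event)
    signal = {"case": event["case"], "action": "suspend"}  # hypothetical signal
    return alert, signal

def monitor(log_text):
    alerts, signals, undecoded = [], [], []
    for line in filter(None, log_text.splitlines()):
        event = decode(line)
        if event is None:
            undecoded.append(line)  # kept for decoder tuning, not dropped silently
        elif analyse(event) == "Deny":
            alert, signal = react(event)
            alerts.append(alert)
            signals.append(signal)
    return alerts, signals, undecoded

if __name__ == "__main__":
    print(monitor(SAMPLE_LOG))
```

Lines the decoder cannot parse are returned separately, because an event that never reaches the matching stage can never raise an alert.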
Thank you for your attention. Questions?
Dr. Ángel J. Varela Vaca
E-mail: ajvarela@us.es

IBIMA 2015 Conference Presentation


Editor's Notes

  • #2: Thank you very much, first of all I'd like to be grateful for this opportunity to present my research for all of you. Although this presentation is titled Automatic Selection of Optimal Configurations and Security Compliance Checking, at the beginning I'm going to introduce myself. After that I'm going to describe in detail my proposal for the selection of configurations. Finally, I'm going to show the ongoing works that I'm currently working on.
  • #21: Thank you very much.