Security in information systems has gained increased attention in the last decade. To ensure that processes in information systems are executed correctly at runtime, it is necessary to define permissions. The execution of process instances is typically recorded in so-called event logs. In this thesis, an approach is presented to automatically compare the permissions specified in an object-centric Process Management System with the permissions derived from an event log. The comparison identifies permissions that match the specification of the model as well as permissions that violate the authorizations. It also identifies permissions that are defined in the system but are not used at runtime. In addition, these deviations are classified into different patterns, taking severity and domain knowledge into account. Finally, severity and likelihood may be used to semi-automatically prioritize the identified deviations using a risk matrix.
BA final presentation, Isabel Seiffert, Location: O27/5202, Date: 04.10.2023, Time: 15:00
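The comparison outlined in the abstract can be sketched as follows. This is an added example, not the thesis's implementation: the role/object/action permission model, the sample log, the severity table, the likelihood thresholds and the risk levels are all constructed assumptions.

```python
from collections import Counter

# Constructed specification: permissions per role as (object type, action).
SPEC = {
    "clerk":   {("Invoice", "create"), ("Invoice", "read"), ("Invoice", "delete")},
    "manager": {("Invoice", "read"), ("Invoice", "approve")},
}
# Constructed event log: (case id, role, object type, action).
LOG = [
    ("c1", "clerk", "Invoice", "create"), ("c1", "manager", "Invoice", "approve"),
    ("c2", "clerk", "Invoice", "create"), ("c2", "clerk", "Invoice", "approve"),
    ("c3", "clerk", "Invoice", "read"),   ("c3", "manager", "Invoice", "read"),
    ("c4", "manager", "Invoice", "delete"), ("c5", "manager", "Invoice", "delete"),
]
# Assumed domain knowledge: severity 1..3 per action (default 2).
SEVERITY = {"read": 1, "create": 2, "approve": 3, "delete": 3}

def compare(spec, log):
    """Split permissions into conformant, violating and unused sets."""
    granted = {(r, o, a) for r, perms in spec.items() for o, a in perms}
    observed = Counter((r, o, a) for _, r, o, a in log)
    seen = set(observed)
    return {"conformant": granted & seen,    # specified and exercised
            "violation": seen - granted,     # exercised without authorization
            "unused": granted - seen}, observed  # specified, never exercised

def likelihood(count, total):
    """Assumed buckets: share of all events -> likelihood 1..3."""
    share = count / total
    return 1 if share < 0.10 else 2 if share < 0.25 else 3

def prioritize(spec, log):
    """Rank deviations by severity x likelihood (a simple risk matrix)."""
    result, observed = compare(spec, log)
    total = sum(observed.values())
    rows = []
    for kind in ("violation", "unused"):
        for perm in result[kind]:
            sev = SEVERITY.get(perm[2], 2)
            # Unused permissions never occur in the log; assume likelihood 1.
            lik = likelihood(observed[perm], total) if kind == "violation" else 1
            score = sev * lik
            level = "high" if score >= 6 else "medium" if score >= 3 else "low"
            rows.append((score, kind, perm, level))
    return sorted(rows, key=lambda r: (-r[0], r[1], r[2]))

if __name__ == "__main__":
    for score, kind, perm, level in prioritize(SPEC, LOG):
        print(f"{level:6} score={score} {kind:9} {perm}")
```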