Procedural security analysis: A methodological approach

This article introduces what we call procedural security analysis, an approach that allows for a systematic security assessment of (business) processes. The approach is based on explicit reasoning on asset flows and is implemented by building formal models to describe the nominal procedures under an...

Bibliographic Details
Published in The Journal of systems and software, Vol. 84, no. 7, pp. 1114-1129
Main Authors Weldemariam, Komminist, Villafiorita, Adolfo
Format Journal Article
Language English
Published New York Elsevier Inc 01.07.2011
Elsevier Sequoia S.A
Abstract This article introduces what we call procedural security analysis, an approach that allows for a systematic security assessment of (business) processes. The approach is based on explicit reasoning on asset flows and is implemented by building formal models to describe the nominal procedures under analysis, by injecting possible threat-actions of such models, and by assuming that any combination of threats can be possible in all steps into such models. We use the NuSMV input language to encode the asset flows, which are amenable for formal analysis. This allows us to understand how the switch to a new technological solution changes the requirements of an organization, with the ultimate goal of defining the new processes that ensure a sufficient level of security. We have applied the technique to a real-world electronic voting system named ProVotE to analyze the procedures used during and after elections. Such analyses are essential to identify the limits of the current procedures (i.e., conditions under which attacks are undetectable) and to identify the hypotheses that can guarantee reasonably secure electronic elections. Additionally, the results of the analyses can be a step forward to devise a set of requirements, to be applied both at the organizational level and on the (software) systems to make them more secure.
Author Villafiorita, Adolfo
Weldemariam, Komminist
Author_xml – sequence: 1
  givenname: Komminist
  surname: Weldemariam
  fullname: Weldemariam, Komminist
  email: sisai@fbk.eu, komminist@gmail.com
– sequence: 2
  givenname: Adolfo
  surname: Villafiorita
  fullname: Villafiorita, Adolfo
CODEN JSSODM
ContentType Journal Article
Copyright 2011 Elsevier Inc.
Copyright Elsevier Sequoia S.A. Jul 2011
DOI 10.1016/j.jss.2011.01.064
Discipline Computer Science
Business
EISSN 1873-1228
EndPage 1129
Genre Feature
ISSN 0164-1212
IsPeerReviewed true
IsScholarly true
Issue 7
Keywords Formal specification and verification
Security assessment
Electronic voting
Language English
LinkModel DirectLink
PublicationCentury 2000
PublicationDate 2011-07-01
PublicationDateYYYYMMDD 2011-07-01
PublicationDate_xml – month: 07
  year: 2011
  text: 2011-07-01
  day: 01
PublicationDecade 2010
PublicationPlace New York
PublicationPlace_xml – name: New York
PublicationTitle The Journal of systems and software
PublicationYear 2011
Publisher Elsevier Inc
Elsevier Sequoia S.A
Publisher_xml – name: Elsevier Inc
– name: Elsevier Sequoia S.A
  contributor:
    fullname: Koubarakis
– ident: 10.1016/j.jss.2011.01.064_bib0145
– ident: 10.1016/j.jss.2011.01.064_bib0225
– start-page: 541
  year: 2004
  ident: 10.1016/j.jss.2011.01.064_bib0070
  article-title: Procedural security analysis of electronic voting
  contributor:
    fullname: Xenakis
– volume: 3
  start-page: 23
  year: 1994
  ident: 10.1016/j.jss.2011.01.064_bib0220
  article-title: A methodology for business process redesign: experiences and issues
  publication-title: Journal of Strategic Information Systems
  doi: 10.1016/0963-8687(94)90004-3
  contributor:
    fullname: Wastell
– start-page: 329
  year: 2007
  ident: 10.1016/j.jss.2011.01.064_bib0240
  article-title: Formal verification of tamper-evident storage for e-voting
  contributor:
    fullname: Cansell
– volume: 15
  start-page: 1
  issue: 1
  year: 2006
  ident: 10.1016/j.jss.2011.01.064_bib0195
  article-title: Symbolic model checking of UML activity diagrams
  publication-title: ACM Transactions on Software Engineering and Methodology
  doi: 10.1145/1125808.1125809
  contributor:
    fullname: Eshuis
– start-page: 225
  year: 2009
  ident: 10.1016/j.jss.2011.01.064_bib0215
  article-title: Automatic construction of simple artifact-based business processes
  contributor:
    fullname: Fritz
– year: 2009
  ident: 10.1016/j.jss.2011.01.064_bib0085
  article-title: Evaluation of electronic voting: requirements and evaluation procedures to support responsible election authorities
  contributor:
    fullname: Volkamer
– start-page: 463
  year: 2009
  ident: 10.1016/j.jss.2011.01.064_bib0265
  article-title: On voting machine design for verification and testability
  contributor:
    fullname: Sturton
– year: 2002
  ident: 10.1016/j.jss.2011.01.064_bib0095
  contributor:
    fullname: Bishop
– start-page: 1152
  year: 2008
  ident: 10.1016/j.jss.2011.01.064_bib0150
  article-title: Artifact-centric business process models: brief survey of research results and challenges
  contributor:
    fullname: Hull
– ident: 10.1016/j.jss.2011.01.064_bib0140
– volume: 9
  start-page: 5
  issue: 1
  year: 2007
  ident: 10.1016/j.jss.2011.01.064_bib0045
  article-title: The FSAP/NuSMV-SA safety analysis platform
  publication-title: International Journal Software Tools Technology Transfer
  doi: 10.1007/s10009-006-0001-2
  contributor:
    fullname: Bozzano
– ident: 10.1016/j.jss.2011.01.064_bib0035
– volume: 25
  start-page: 137
  issue: 2
  year: 2006
  ident: 10.1016/j.jss.2011.01.064_bib0245
  article-title: A framework and taxonomy for comparison of electronic voting schemes
  publication-title: Computers & Security
  doi: 10.1016/j.cose.2005.11.003
  contributor:
    fullname: Sampigethaya
– year: 2007
  ident: 10.1016/j.jss.2011.01.064_bib0015
  article-title: Extending prerendered-interface voting software to support accessibility and other ballot features
  contributor:
    fullname: Yee
StartPage 1114
SubjectTerms Business
Business process reengineering
Computer programs
Elections
Electronic voting
Electronics
Formal specification and verification
Information systems
Mathematical models
Programming languages
Security
Security assessment
Security management
Software
Studies
Switches
Voting machines
Title Procedural security analysis: A methodological approach
URI https://dx.doi.org/10.1016/j.jss.2011.01.064
https://www.proquest.com/docview/868262811
https://search.proquest.com/docview/889404718
Volume 84