Jump to ContentJump to Main Navigation
Show Summary Details
More options …

it - Information Technology

Methods and Applications of Informatics and Information Technology

Editor-in-Chief: Conrad, Stefan / Molitor, Paul

6 Issues per year

See all formats and pricing
More options …
Volume 55, Issue 6


Security and Privacy in Business Processes: A Posteriori Analysis Techniques

Sicherheit und Privacy in Geschäftsprozessen: A Posteriori Analysetechniken

Mark Strembeck / Stefanie Rinderle-Ma
Published Online: 2013-12-19 | DOI: https://doi.org/10.1515/itit.2013.2005


In this paper, we motivate the need to perform a posteriori analyzes for process-related security properties. In particular, we first discuss the relation of security engineering and a-posteriori techniques. Subsequently, we give an overview of different a-posteriori techniques for analyzing organizational structures and access control policies. Finally, we provide a discussion on application scenarios for different a-posteriori techniques.


Dieser Beitrag beschäftigt sich mit A-Posteriori Techniken zur Analyse von sicherheitsrelevanten Eigenschaften in Geschäftsprozessen. Zunächst wird der Zusammenhang zwischen Security Engineering und A-Posteriori Techniken diskutiert und gleichzeitig motiviert, warum A-Posteriori Techniken zur Analyse von prozessbezogenen Sicherheitseigenschaften benötigt werden. Danach stellen wir eine Auswahl von A-Posteriori-Techniken vor, die auf die Analyse und Ableitung von organisatorischen Strukturen einerseits und Zugriffskontrollregeln andererseits abzielen. Der Beitrag schliesst mit einer Diskussion der Einsatzszenarien für die verschiedenen A-Posteriori-Techniken.

Keywords: ACM CCS; Security and privacy; Systems security; Distributed systems security; ACM CCS; Applied computing; Enterprise computing; Business process management; Business process monitoring

Schlagwörter: Sicherheit von Software-Systemen; Geschäftsprozessmanagement; Ex-post Analyse von Sicherheitsaspekten

About the article

Mark Strembeck

Prof. Dr. Mark Strembeck is an Associate Professor of Information Systems at the Vienna University of Economics and Business (WU Vienna), Austria. His research interests include business process management, model-driven software development, security engineering, and the management of dynamic (distributed) software systems. He received his doctoral degree as well as his Habilitation degree (venia docendi) from WU Vienna. He is a key researcher at the Secure Business Austria Research Center (http://www.sba-research.org/team/), and the Vice Institute Head of the Institute for Information Systems at WU Vienna (http://nm.wu.ac.at/).

WU Vienna, Institute of Information Systems, New Media Lab, Augasse 2–6, 1090 Vienna, Austria

Stefanie Rinderle-Ma

Prof. Dr. Stefanie Rinderle-Ma is a full professor and head of the Research Group Workflow Systems and Technology at the Faculty of Computer Science, University of Vienna (

  • Google Scholar

  • ). Further on, she serves as key researcher at the Secure Business Autria Competence Center in Vienna. Stefanie received her doctoral and Habilitation degree from University of Ulm, Germany. She spent postdoc stays at the University of Twente, The Netherlands, the University of Ottawa, Canada, and the Eindhoven University of Technology, The Netherlands. Currently, Stefanie is involved in several national and international projects such as the EU FP7 project ADVENTURE on virtual factories of the future, the FWF-funded project on Compliance and Change in Collaborative Processes, as well as the cluster project EBMC2 on skin cancer treatment funded by the University of Vienna and the Medical University of Vienna.

    University of Vienna, Faculty of Computer Science, Research Group Workflow Systems and Technology, Währingerstrasse, 1090 Vienna, Austria

    Received: 2013-07-26

    Published Online: 2013-12-19

    Published in Print: 2013-12-01

    Citation Information: it – Information Technology it – Information Technology, Volume 55, Issue 6, Pages 247–254, ISSN (Online) 2196-7032, ISSN (Print) 1611-2776, DOI: https://doi.org/10.1515/itit.2013.2005.

    Export Citation

    © 2013 by Walter de Gruyter Berlin Boston.Get Permission

    Comments (0)

    Please log in or register to comment.
    Log in