Logo
ScienceStack
Table of Contents
Fetching ...
Sign In

The Danger Within: Insider Threat Modeling Using Business Process Models

Jan von der Assen, Jasmin Hochuli, Thomas Grübl, Burkhard Stiller

TL;DR

The results indicate that even without annotation, BPMN diagrams can be leveraged to automatically identify insider threats in an organization.

Abstract

Threat modeling has been successfully applied to model technical threats within information systems. However, a lack of methods focusing on non-technical assets and their representation can be observed in theory and practice. Following the voices of industry practitioners, this paper explored how to model insider threats based on business process models. Hence, this study developed a novel insider threat knowledge base and a threat modeling application that leverages Business Process Modeling and Notation (BPMN). Finally, to understand how well the theoretic knowledge and its prototype translate into practice, the study conducted a real-world case study of an IT provider's business process and an experimental deployment for a real voting process. The results indicate that even without annotation, BPMN diagrams can be leveraged to automatically identify insider threats in an organization.

The Danger Within: Insider Threat Modeling Using Business Process Models

TL;DR

The results indicate that even without annotation, BPMN diagrams can be leveraged to automatically identify insider threats in an organization.

Abstract

Threat modeling has been successfully applied to model technical threats within information systems. However, a lack of methods focusing on non-technical assets and their representation can be observed in theory and practice. Following the voices of industry practitioners, this paper explored how to model insider threats based on business process models. Hence, this study developed a novel insider threat knowledge base and a threat modeling application that leverages Business Process Modeling and Notation (BPMN). Finally, to understand how well the theoretic knowledge and its prototype translate into practice, the study conducted a real-world case study of an IT provider's business process and an experimental deployment for a real voting process. The results indicate that even without annotation, BPMN diagrams can be leveraged to automatically identify insider threats in an organization.
Paper Structure (10 sections, 3 figures, 2 tables)

This paper contains 10 sections, 3 figures, 2 tables.

Table of Contents

  1. Introduction
  2. Related Work and Problem Statement
  3. Architecture and Prototype Implementation
  4. Overview
  5. Web-based Implementation
  6. Evaluations
  7. Case Study: IT Service Provider
  8. Field Experiment: Remote Voting
  9. Synthesis and Comparison with Related Work
  10. Summary and Future Work

Figures (3)

  • Figure 1: Methodology (top) and Architecture (bottom) of the Proposed Approach
  • Figure 2: Knowledge Base Sources: Insider Threats Elicited per Source
  • Figure 3: Report Page of the Threat Model Conducted for the IT Service Provider