A Process-Centric Approach to Insider Threats Identification in Information Systems

The development of complex software systems as done today generates countless security vulnerabilities that are difficult to detect. In this context, several research works have adopted the Model Driven Security (MDS) approach, which investigates software models rather than implementations. However, although these works provide useful techniques for security modeling and validation, they do not address the impact of functional behavior on the security context of the system, which can be cause for several flaws, specially insider threats. In order to address this challenge, we propose a dynamic analysis based on the B method for both functional and security concerns. Our contribution extends the B4MSecure platform that we developed in our previous works, by introducing a workflow-centric layer to model expected business processes, as well as possible malicious activities. This new layer is built on CSP parallel to B and brings new validation possibilities to B4MSecure.