Despite the growing demand for business processes that comply with security policies, security and privacy incidents caused by erroneous workflow specifications are regrettably common. This is, in part, because business process management and security are seldom addressed together, thereby hindering the development of trustworthy and security-compliant business processes. The Workshop on Security and Compliance in Business Processes (SCBP’15) seeks to bring together researchers and practitioners interested in the management and modelling of secure and compliant business processes in process-aware information systems. In particular, SCBP’15 encourages innovative methods for workflow security modelling, security compliance, audit and control throughout the business process lifecycle: from design time verification to online operational support and post-mortem analysis. Furthermore, it welcomes contributions beyond the strictly technical, such as those considering social, economic, legal and standardisation issues.PROGRAM
The goal of SCBP’15 is to obtain a deeper understanding of a rapidly maturing, yet still largely under-investigated field of business process security, audit and control, including both thorough security requirements formalization, secure process modelling, and mechanisms for verification, monitoring and auditing. Besides the “technical” intent to substantially advance the current state of the art, SCBP’15 aims to locate active research areas in academia and industry; get a snapshot of the current approaches and existing tool-support; encourage approaches and techniques that combine formal foundations with industrial applicability; and identify new research directions and challenges. In tackling these questions we hope to make a substantial contribution to reliable and secure business process management.
In particular, SCBP’15 encourages innovative methods for workflow security modelling, security audit and control throughout the business process lifecycle: from design time verification to online operational support and post-mortem analysis. Furthermore, it welcomes contributions beyond the strictly technical, such as those considering social, economic, legal and standardisation issues.
Topics of Interest:
To be announced later..
To be announced later..
Submitted manuscripts must be written in English and papers can be submitted in two categories: 1) full papers (no longer than 12 pages), and 2) research in progress & experience report (no longer than 6 pages). They must be formatted using the LNBIP format format and submitted as a PDF document to the EasyChair website. Submissions will be reviewed on the basis of their originality, significance, technical soundness and clarity of exposition. Each submission will be reviewed by at least three PC members. Submitted manuscripts must not substantially overlap manuscripts that have been published or submitted to another peer-reviewed conference or journal.
Accepted workshop papers will be published in the CEUR proceedings. Authors of the best papers will be invited to submit the extended papers to a special issue of the journal on Complex Systems Informatics and Modeling Quarterly (CSIMQ).
Program Committee Chairs
PREVIOUS WORKSHOPS AND EVENTS
2013: SBP'13 (see the report), Dagstuhl Seminar on Verifiably Secure PaIS (see the report)
2012: SBP'12 ( see the report)
2011: ABPSM'11, WfSAC'11