Download the FLYER!


Despite the growing demand for compliant business processes, security and privacy incidents caused by erroneous workflow specifications are still omnipresent. In fact, often business process management and security issues stand out as separate silos, and are seldom addressed together towards the development of trustworthy and security compliant business processes. The second edition of the Workshop on Security in Business Processes (SBP'13) wants to bring together researchers and practitioners interested in management and modelling of secure business processes in process-aware information systems. In particular, SBP'13 encourages innovative methods for workflow security modelling, security audit and control along the entire business process lifecycle: from design time verification to online operational support and post-mortem analysis. Furthermore, it welcomes contributions beyond the strictly technical character, for instance those considering social, economic, legal and standardisation issues.

Topics of interest include:

  • Alignment
  • Authorization
  • Accountability
  • Audit reduction
  • Business provenance
  • Case studies
  • Conformance/compliance checking checking
  • Continuous audit
  • Cost-benefit analysis
  • Data-centric process mining
  • Formal reasoning
  • Fraud detection
  • Economics of audit
  • Experience reports
  • Information flow control
  • Meta-models for analysis
  • Security Modelling
  • Operational decision support
  • Privacy-aware process discovery
  • Requirements elicitation
  • Requirements formalization
  • Risk Measurement
  • Runtime verification and monitoring
  • Security testing
  • Trace clustering
  • Usage control
  • Workflow forensics
  • Workflow simulation

Preliminary Program 

SESSION 1. Chair: Raimundas Matulevicius
13:00-13:50 Keynote Hejiao Huang,
Specification and Verification of Security Policy Design based on Petri Nets
13:50-14:25 P1 Gabriele Costa, Fabio Martinelli, and Artsiom Yautsiukhin,
Multi-dimensional Secure Service Orchestration
Discussant: presenter of P3.
14:25-15:00 P2 Jens Gulden
Explication of Termination Semantics as a Security-Relevant Feature in Business Process Modeling Languages
Discussant: presenter of P1.
15:00-15:30 Coffee break.
SESSION 2. Chair: Hejiao Huang
15:30-16:05 P3 Elham Ramezani, Dirk Fahland, and Wil M.P.van der Aalst,
Supporting Domain Experts to Select and Configure Precise Compliance Rules
Discussant: presenter of P2.
16:05-16:25 P4 Sandugash Askarova, Darkhan Mukhatov, Altynbek Sharipbayev, Dina Satybaldina,
A Framework for the Privacy Access Control Model
Discussant: presenter of P5.
16:25-16:45 P5 Kaarel Tark, Raimundas Matulevicius,
Role-based Access Control for Securing Dynamically Created Documents
Discussant: presenter of P4.
16:45-17:00 Workshop closing.


Hejiao Huang (Harbin Institute of Technology Shenzhen Graduate School, China)

Submission guidelines  

Submitted manuscripts must be written in English and be no longer than 12 pages. They must be formatted using the LNBIP format and submitted as a PDF document to EasyChair website.

Submissions will be reviewed by at least three PC members based on their originality, significance, technical soundness and clarity of exposition. Submitted manuscripts must not substantially overlap manuscripts that have been published or that are simultaneously submitted to a conference with proceedings or a journal.

The workshop papers will be published by Springer as a post-workshop proceedings volume in the series Lecture Notes in Business Information Processing (LNBIP).

Important Dates  

Paper submission:
Paper notification:
Camera-ready version:
May 25, 2013 May 31, 2013
July 1, 2013
July 23, 2013
August 26, 2013

Organising Chairs  

Wil van der Aalst, Eindhoven University of Technology, the Netherlands
Rafael Accorsi, University of Freiburg, Germany
Raimundas Matulevičius, University of Tartu, Estonia

Program Committee  

  • Anne Baumgrass (Vienna University of Economics and Business, Austria)
  • Achim Brucker (SAP Labs, Germany)
  • Jason Crampton (University of London, UK)
  • Benoit Depaire (University of Hasselt, Belgium)
  • Khaled Gaaloul (CRP Henri Tudor, Luxembourg)
  • Aditya Ghose (University of Wollongong, Australia)
  • Hejiao Huang (Shenzhen Graduate School, Harbin Institute of Technology, China)
  • Michael Huth (Imperial College, UK)
  • Fuyuki Ishikawa (National Institute of Infomatics Tokyo, Japan)
  • Jan Jürjens (Technische Universität Dortmund, Germany)
  • Dimka Karastoyanova (University of Stuttgart, Germany)
  • Günter Karjoth (IBM Research, Switzerland)
  • Peter Karpati (Institute for Energy Technology - Halden, Norway)
  • Seok-Won Lee (Ajou University, Korea)
  • Lin Liu (Tsinghua University, China)
  • Heiko Ludwig (IBM Research, US)
  • Nicolas Mayer (CRP Henri Tudor, Luxembourg)
  • Per H. Meland (SINTEF ICT, Norway)
  • Marco Montali (Free University of Bozen-Bolzano, Italy)
  • Haralambos Mouratidis (University of East London, UK)
  • Andreas Opdahl (University of Bergen, Norway)
  • Günther Pernul (University of Regensburg, Germany)
  • Silvio Ranise (FBK-IRST, Italy)
  • Stefanie Rinderle-Ma, University of Vienna, Austria
  • David G. Rosado (University of Castilla-La Mancha, Spain)
  • Shazia Sadiq (Queensland University, Australia)
  • Guttorm Sindre (Norwegian University of Science and Technology, Norway)
  • Mark Strembeck (Vienna University of Economics and Business, Austria)
  • Jan Martijn van der Werf (Eindhoven University of Technology, the Netherlands)
  • Qihua Wang (IBM Research, US)
  • Nicola Zannone (Eindhoven University of Technology, the Netherlands)

Previous Workshops