Article Details

Copyright Statement: This is an open access article licensed under a Creative Commons Attribution 4.0 International License, which permits unrestricted use, distribution, and reproduction in any medium, even commercially as long as the original work is properly cited.

An Empirical Investigation of the Relationship Between Business Process Transparency and Business Process Attack

Author 1: Alhanouf Aldayel
Author 2: Ahmad Alturki

Download PDF

Digital Object Identifier (DOI) : 10.14569/IJACSA.2021.0120468

Article Published in International Journal of Advanced Computer Science and Applications(IJACSA), Volume 12 Issue 4, 2021.

Abstract: Business Process Management (BPM) is a management approach to discover, analyze, redesign, execute and monitor business processes. Implementing BPM concepts help and benefit organizations by increasing their productivity, achieving their strategies and operational excellence, and saving costs. Rosemann et al. identify business process transparency as one of the key values of BPM, and essential to achieving other BPM benefits. Business process transparency provides visibility about how operations/activities are conducted in a detailed way, sometimes with technical details, within an organization; which facilitates the identification of structural issues of the process model. A conducted content analysis of the literature shows that fraudsters have leveraged structural issues of the business process model to commit fraud. Such fraud can be labeled as a Business Process Attack (BPA). In analogy to information system security attack, BPA can be defined as the exploitation of a vulnerability in a business process model to commit fraudulent activities that influence the business negatively such as achieving invalid or unwanted results. This research aims to investigate the relationship between the degree of business process transparency and exposure to BPA. If the relationship is positive, appropriate security controls shall be implemented on the business process transparency to avoid BPA. The main research question is: What is the relationship between an organization's degree of business process transparency and exposure to BPA. A quantitative research method is employed to measure and understand the impact of business process transparency on BPA. An experiment is designed and conducted to assess the awareness of the existence of vulnerabilities in various process models and how to exploit them to commit BPA. Results show that there is a positive significant relationship between increased business process transparency and exposure to BPA. This research contributes towards understanding and highlights the negative impact of business process transparency, which motivates researchers to investigate this phenomenon and find appropriate solutions.

Keywords: Business Process Management (BPM); business process; transparency; business process attack; fraud

Alhanouf Aldayel and Ahmad Alturki, “An Empirical Investigation of the Relationship Between Business Process Transparency and Business Process Attack” International Journal of Advanced Computer Science and Applications(IJACSA), 12(4), 2021. http://dx.doi.org/10.14569/IJACSA.2021.0120468

@article{Aldayel2021,
title = {An Empirical Investigation of the Relationship Between Business Process Transparency and Business Process Attack},
journal = {International Journal of Advanced Computer Science and Applications},
doi = {10.14569/IJACSA.2021.0120468},
url = {http://dx.doi.org/10.14569/IJACSA.2021.0120468},
year = {2021},
publisher = {The Science and Information Organization},
volume = {12},
number = {4},
author = {Alhanouf Aldayel and Ahmad Alturki}
}

IJACSA

Upcoming Conferences

Future of Information and Communication Conference (FICC) 2021

29-30 April 2021

Computing Conference 2021

15-16 July 2021

IntelliSys 2021

2-3 September 2021

Future Technologies Conference (FTC) 2021

28-29 October 2021