Frank's Blog

Chip and PIN is broken 

Today I found an interesting link at regarding a major flaw in the implementation of the EMV framework used for PIN-based payment authorization of bank/credit cards. Four researchers from the University of Cambridge describe how the current system can easily be manipulated (PDF). The results must be a major shock for the banking industry, since it is now evident that a customer is not per se liable if a transaction was authorized by PIN.

The approach is a classical man-in-the-middle attack. At some point in the negotiation phase between the terminal and the card, the customer enters his/her PIN into the terminal, which sends the PIN data to the card for verification. Unfortunately, the card returns a simple, unsecured response (0x9000) if the PIN was entered correctly. Guess what? You can intercept this communication and return 0x9000 for any PIN entered! Even worse, the terminal believes you authorized the transaction via PIN (and prints a receipt with "PIN authorization"), whereas the card and bank use the fallback mechanism intended for signature-based authorization. Worse still, most protocol implementations do not even log this fallback. Of course, the merchant doesn't have the customer's signature, just a log with "PIN authorization". Still, this was enough to make judges believe that the customer was careless with his PIN. Now, however, it was enough.
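As an added illustration (not code from this post or from the Cambridge paper): a toy model of the PIN step in which the terminal trusts the bare 0x9000 status word, together with the issuer-side consistency check that catches the gap between what the terminal reports and what the card actually verified. The field names and the wrong-PIN status value are assumptions of the example, not EMV's real encoding.

```python
from dataclasses import dataclass

SW_PIN_OK = 0x9000       # status word for a correct PIN (from the post)
SW_PIN_WRONG = 0x63C2    # wrong PIN, retries left (constructed value)


@dataclass
class Card:
    pin: str
    pin_verified: bool = False   # the card's own record of the CVM outcome

    def verify(self, candidate: str) -> int:
        """VERIFY command: check the PIN and return the status word."""
        if candidate == self.pin:
            self.pin_verified = True
            return SW_PIN_OK
        return SW_PIN_WRONG

    def cryptogram_data(self) -> dict:
        # Real cards report what they verified inside the issuer application
        # data; the field name here is a hypothetical simplification.
        return {"card_pin_verified": self.pin_verified}


def honest_channel(card: Card, pin: str) -> int:
    """Unmodified path: the VERIFY command reaches the card."""
    return card.verify(pin)


def wedged_channel(card: Card, pin: str) -> int:
    """Models the man-in-the-middle from the post: the card never sees
    VERIFY, the terminal sees 0x9000 whatever was typed."""
    return SW_PIN_OK


def run_transaction(card: Card, entered_pin: str, channel) -> dict:
    """Terminal side: trusts the bare status word and records the CVM result."""
    sw = channel(card, entered_pin)
    terminal_cvmr = "PIN verified" if sw == SW_PIN_OK else "PIN failed"
    return {"terminal_cvmr": terminal_cvmr, **card.cryptogram_data()}


def issuer_cvm_check(record: dict) -> str:
    """Issuer side: decline when the terminal claims a PIN the card never
    verified. This is the consistency check the unsecured 0x9000 lacks."""
    terminal_claims_pin = record["terminal_cvmr"] == "PIN verified"
    if terminal_claims_pin and not record["card_pin_verified"]:
        return "DECLINE: terminal reports PIN but card verified none"
    return "APPROVE"
```

With the honest channel the two records agree; with the wedged channel the terminal reports "PIN verified" while the card's record says no PIN was ever checked, which is exactly the discrepancy the issuer can act on.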

The most important fact, however, is the ignorance of the industry regarding open standards and security issues. Seven years ago, in 2003, I wrote my Diploma thesis about the reconfiguration of Smart Cards via open networks (PDF, in German). An important part of my work was the analysis of the security frameworks that were offered at this point in time (Visa Open Platform). One of my key findings (written down in section 6.6.3) was that the response code of the Smart Card's operating system application (the Card Manager) was neither signed nor otherwise secured. I found this to be a major bug for updating the content of a Smart Card via open networks, but unfortunately no card vendor was able to deliver something more secure. Luckily, the flaw did not affect our main application on the card, a campus card application with digital signature functionality. Remarkably, the very same problem still exists seven years later.

New books on BPMN 2.0 

During the last month, two interesting books on BPMN have been published. Below you find my reviews.

The Process (A. Großkopf, G. Decker, M. Weske)

The Process is a novel on process modeling that tries to teach you BPMN inside a story, as done in e.g. The Goal by Eliyahu Goldratt and Jeff Cox. Interestingly, the book is written by academics. In contrast to a text book, however, the book is written for consultants and managers who need at least a basic idea of how to read a process model.

The introduction to BPMN is centered around a business scenario, where a young man named Tom Bauer starts his first job after university. He has no clue about BPMN but gets the job of documenting the company's work for his boss. Luckily, there's already someone in the company, Anne, who can teach him the basics of the notation. Tom walks around the company and asks different people in order to get the process modeled. While doing this, of course, he always needs to learn new elements to capture his findings. He writes each newly learned element in his notebook, which acts as a kind of reference at the end of each chapter. Later on, he visits a BPMN training by some well-known BPMN guru, to learn more about advanced constructs and some surroundings of process modeling, such as the core ideas of Reengineering the Corporation by Hammer and Champy. The book ends with a very neat motivation for Business Process Management (BPM), where process modeling is just the starting point.

Technically, the book contains just one running example, which is refined in each chapter. Some figures are even drawn by hand, which gives a very nice impression. The book teaches you all the basic constructs of BPMN 1.x and also discusses different variants to model the same thing---known as shortcuts.

In general, I really love the idea of writing a novel on the topic. In the beginning, the book is a bit too slow from the story's point of view (or rather boring, but that might be due to my existing knowledge on the topic). Nevertheless, the story speeds up and has its highlight in the evening discussion of the guru's workshop. Did I say that I like the neat motivation for BPM that ends the book?

The book also has a little drawback. Don't expect a story like in The Goal. Tom Bauer has no family, no love to care about, and LaserTec (the company he works for) is neither fighting with bankruptcy nor competition. While in the beginning I found this to be a major drawback, after reading the complete book I found it to be an advantage: the focus on the topic. You simply don't need to skim through the process modeling pages just to get to know how the love story ends. After all, I was able to read the complete book during a one-day business trip (ca. 6 hours travel time).

You should also be aware that the book advertises the kind of product that the company of two of the authors offers: A Web-based process editor. While I like the idea of passing around links to process models, I actually do not see how this fits with a consultant working on the models while traveling (at least as long as no broadband internet is available in a plane).

Nevertheless, I rate the book 5 out of 5 and can strongly recommend it to any consultant or beginner in process modeling. But be aware that you might need a more complex reference to start modeling your own processes (maybe the one from the next review?).

BPMN Method & Style (B. Silver)

Bruce Silver, a well-known BPMN trainer and member of the BPMN standardization committee, provides a very well written book on BPMN. In contrast to other books, which give you a straightforward introduction to the elements, Silver focuses on a methodology for BPMN. He doesn't only teach you all the elements of a process model---including the new ones from BPMN 2.0---but more importantly, he teaches when to make use of them and when to avoid them. That makes the book perfect for process analysts and modelers.

His approach is split into three levels: descriptive modeling for documenting the process flow, analytical modeling that adds more details, such as exception handling, and executable modeling, which ships with BPMN 2.0 and allows the definition of directly executable process models.

The book contains a lot (and I really mean a lot) of examples, patterns, and best/worst practices. Especially the patterns and practices come in very handy for practitioners: Should I use a sub-process or a pool? How should I introduce exception handling? These, and many other things, are discussed.

The book, however, has one major drawback. It doesn't tell you a single word about choreographies and conversations, two brand new BPMN 2.0 model types (besides a reference to page 216 in the index---that is indeed the last page of the book, which states 'Printed in the United States'). Choreographies describe the interactions between different participants from the viewpoint of the interaction flow (not from the participants!) and conversations describe a set of related message exchanges between different participants. Especially choreographies make a lot of sense in many business scenarios (or can you name a business that doesn't have suppliers and customers?). If you're interested in seeing such models, take a look at my Wimmelbild (link) or read an interesting paper (in German) by Thomas Allweyer (link).

Furthermore, the print quality of the models looks a bit poor (never heard of vector graphics?). I would expect such a book to have a better finish. To see what I mean, just try to print the mentioned Wimmelbild and compare it to the models given in the book.

I rate the book 4 out of 5, since at least an outlook on choreographies and conversations should be contained. Otherwise, this is almost the perfect book on the topic.

BPMN 2.0 Wimmelbild 

The BPMN 2.0 specification has been submitted to the OMG almost a month ago (read more). The most obvious news is of course the support for modeling explicit conversations and choreographies. But also the traditional "internal process" view has been enhanced a lot with Event Sub Processes, Non-interrupting Events, Data Stores, Data Objects representing Collections, or the Star-Trek-inspired Escalation Event, to name just a few.

To give you some impressions of what the current BPMN 2.0 draft provides, I created a so-called BPMN 2.0 Wimmelbild. Wimmelbild is the German word for an illustrated page showing a scene with many, many different details, typically for children. An example is a crowded city crossing, a park, etc. The page is full of details, with many people and things "wimmeling" around.

All I did was transfer this concept to BPMN 2.0 - enjoy the result!

All models are in the context of an auctioning platform. From top-left to bottom-right: High level conversation view, a part of the choreography, and the refined process view.

07/30/2009: I updated the Wimmelbild to fix some errors and add more elements.

Last weekend I baked a very tasty cake called "Donauwellen" (Donau waves). While I forgot to take a picture, I created a process diagram showing the necessary steps to reproduce the result (in German):

You can find the full recipe here (also in German).
New Book Chapter on Pi-Calculus and BPM 

Finally, one of my last scientific works on BPM and the pi-calculus has been published as a book chapter in Process Algebra for Parallel and Distributed Processing, edited by Michael Alexander and William Gardner.

The chapter itself is called Business Process Specification and Analysis. In contrast to prior work, it is written at a more sophisticated formal level (at least from my point of view), thanks to my co-author Uwe Nestmann. Indeed, I wish my doctoral thesis were this formal.

Technically, we investigated the asynchronous pi-calculus (new work here) and also introduced a formal or-join execution semantics for the pi-calculus (more new work, but not completely formalized). The main focus, however, was the introduction and discussion of Trios, a concept that refines the functional abstraction (definition 5.2 of my thesis).

Concluding, I can recommend the paper to anyone (still) interested in using the pi-calculus in the area of BPM (what else should I say as an author :-). Unfortunately, I have no permission to provide a PDF file for download, so you have to either find a library or make a rather huge investment to get the chapter.

But what I can offer for free is a prototypical tool that was developed during the writing of the chapter. While it's command-line based (written in Ruby), it has a graphical representation of the business process currently executed. And yes, you need the same Mac tool (called OmniGraffle) as for the Lazy Soundness Toolchain to create your own BPDs that can be imported. But don't worry, I provide a lot of ready-to-use examples to showcase the execution and analysis of business processes in the asynchronous pi-calculus. The homepage of the tool, called pishell, can be found here. Have fun!

I would also like to add a last comment (and thanks) to the editors and publishers of the book. In contrast to Springer (where you have to do everything by yourself), the chapter was proof-read by experts and the grammar and spelling have been professionally checked.
