Author:
Joseph Barjis
Affiliation:
Delft University of Technology, Netherlands
Keyword(s):
Secure business process modeling, Secure information system design, Information system security, Organizational semiotics, DEMO methodology.
Related
Ontology
Subjects/Areas/Topics:
Artificial Intelligence
;
Enterprise Information Systems
;
Formal Methods
;
Information Systems Analysis and Specification
;
Knowledge Management and Information Sharing
;
Knowledge-Based Systems
;
Methodologies and Technologies
;
Modeling Formalisms, Languages and Notations
;
Operational Research
;
Security
;
Semiotics
;
Simulation and Modeling
;
Symbolic Systems
Abstract:
In this paper, we propose a conceptual model and develop a method for secure business process modeling towards information systems (IS) security. The emphasis of the proposed method is on social characteristics of systems, which is furnished through association of each social actor to their authorities, responsibilities and obligations. In turn, such an approach leads to secure information systems. The resulting modeling approach is a multi-method for developing secure business process models (secure BPM), where the DEMO transaction concept are used for business process modeling, and the Norm Analysis Method (organizational semiotics) for incorporating security safeguards into the model.