loading
Papers Papers/2020

Research.Publish.Connect.

Paper

Paper Unlock

Authors: Naved Ahmed ; Raimundas Matulevičius and Naiad Hossain Khan

Affiliation: University of Tartu, Estonia

Keyword(s): Security engineering, Business process modelling, Security risk-oriented patterns, Security requirements

Abstract: Business process modelling and security engineering are two important concerns when developing information system (IS). However current practices report that security is addressed rather at the later development stages (i.e., design and implementation). This raises a question whether the business processes are performed securely. In this paper, we propose a method to align business process modelling and security engineering. We develop a set of security risk-oriented patterns. Such patterns help to understand security risks that potentially arise within business processes, and to introduce security solutions. To ease the applicability the security risk-oriented patterns are defined using BPMN notations. The proposal is tested in an industrial business model and the findings indicate a positive usefulness to identify important business assets, their security risks and countermeasures.

CC BY-NC-ND 4.0

Sign In Guest: Register as new SciTePress user now for free.

Sign In SciTePress user: please login.

PDF ImageMy Papers

You are not signed in, therefore limits apply to your IP address 3.234.211.61

In the current month:
Recent papers: 100 available of 100 total
2+ years older papers: 200 available of 200 total

Paper citation in several formats:
Ahmed, N.; Matulevičius, R. and Hossain Khan, N. (2012). Eliciting Security Requirements for Business Processes using Patterns. In Proceedings of the 9th International Workshop on Security in Information Systems - WOSIS, (ICEIS 2012) ISBN 978-989-8565-15-0, pages 49-58. DOI: 10.5220/0004100200490058

@conference{wosis12,
author={Naved Ahmed. and Raimundas Matulevičius. and Naiad {Hossain Khan}.},
title={Eliciting Security Requirements for Business Processes using Patterns},
booktitle={Proceedings of the 9th International Workshop on Security in Information Systems - WOSIS, (ICEIS 2012)},
year={2012},
pages={49-58},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0004100200490058},
isbn={978-989-8565-15-0},
}

TY - CONF

JO - Proceedings of the 9th International Workshop on Security in Information Systems - WOSIS, (ICEIS 2012)
TI - Eliciting Security Requirements for Business Processes using Patterns
SN - 978-989-8565-15-0
AU - Ahmed, N.
AU - Matulevičius, R.
AU - Hossain Khan, N.
PY - 2012
SP - 49
EP - 58
DO - 10.5220/0004100200490058

0123movie.net