395,738 Hits in 6.9 sec

A Business Process Engineering Based Approach Towards Incorporating Security in the Design of Global Information Systems

Gerald Quirchmayr, Jill Slay, Andy Koronios, Kathy Darzano
2003 Pacific Asia Conference on Information Systems  
Security is usually not dealt with at the level of business processes and so security policies are typically not linked to system design and implementation.  ...  For this reason we introduce an approach for increasing the security levels of global information systems through business engineering technology.  ...  In an ideal case, we will see a direct export of security models from business engineering environments into security components of information systems, similar to the integration already provided between  ... 
dblp:conf/pacis/QuirchmayrSKD03 fatcat:5fjhoobcu5b7hggg3cfhsxhjre

Towards a Business Process-Driven Framework for Security Engineering with the UML [chapter]

José L. Vivas, José A. Montenegro, Javier López
2003 Lecture Notes in Computer Science  
A challenging task in security engineering concerns the specification and integration of security with other requirements at the top level of requirements engineering.  ...  Since many security notions belongs conceptually to the world of business processes, it is natural to try to capture and express them in the context of business models in which moreover customers and end  ...  process, yielding a new specification of the system into which the security requirements have been integrated.  ... 
doi:10.1007/10958513_29 fatcat:xcw3kgmsx5hmbgat4aoocqdjwi

Towards Definition of Secure Business Processes [chapter]

Olga Altuhhova, Raimundas Matulevičius, Naved Ahmed
2012 Lecture Notes in Business Information Processing  
Our proposal would allow system analysts to understand how to develop security requirements to secure important assets defined through business processes.  ...  Business process modelling is one of the major aspects in the modern system development. Recently business process model and notation (BPMN) has become a standard technique to support this activity.  ...  Such a model transformation would be supported by transformation rules, developed on the semantic alignment of the (business and security) modelling approaches to the common base, i.e., the ISSRM domain  ... 
doi:10.1007/978-3-642-31069-0_1 fatcat:ontn2cdcjzg33gqhumseughgiy

A Model for Improving e-Security in Australian Universities

Lauren May, Tim Lane
2006 Journal of Theoretical and Applied Electronic Commerce Research  
This model is aimed at facilitating the transition of security knowledge into actual implementation across the enterprise, with an end goal of an improved culture of compliance towards security practices  ...  Although this approach can provide limited security, there is no guarantee that business requirements for security are incorporated and integrated effectively.  ...  This research work is of significant value to the university sector, as it represents a specific study into the security management issues facing Australian universities.  ... 
doi:10.3390/jtaer1020016 fatcat:a25pbyah2bbn7muk7nnkboxdkq

Business Process Modeling for Insider Threat Monitoring and Handling [chapter]

Vasilis Stavrou, Miltiadis Kandias, Georgios Karoulas, Dimitris Gritzalis
2014 Lecture Notes in Computer Science  
We examine existing security approaches to tackle down the aforementioned threat in enterprise business processes and propose a preliminary model for a monitoring approach that aims at mitigating the insider  ...  Depending on their motives, insiders participating in an organization's business process may manifest delinquently in a way that causes severe impact to the organization.  ...  The proposed tool supports model-driven development of processes that integrate security and compliance requirements across all phases of the system life-cycle.  ... 
doi:10.1007/978-3-319-09770-1_11 fatcat:fgm3345g4rewdhgpht2zvkga7m

A Qualitative Study of Domain Specific Languages for Model Driven Security

Muhammad Qaiser Saleem
2014 Research Journal of Applied Sciences Engineering and Technology  
Model-Driven Security is a specialization of Model-Driven paradigm towards the domain of security, where security objectives are modeled along the system models and security infrastructures are directly  ...  In this study, a comparative study is presented regarding the security Domain Specific Modeling Languages presented by the most prominent researchers for the development of secure system.  ...  incorporate the security objectives in the business process model in an easier way.  ... 
doi:10.19026/rjaset.7.703 fatcat:isqkbqltozdyzkyshn525qvdwe

Guest editorial: security requirements engineering: past, present and future

Eric Dubois, Haralambos Mouratidis
2010 Requirements Engineering  
First of all, we would like to thank all the authors of the submitted papers. We would also like to thank the following for their contribution to the review process: B. De Win, E. B. Fernandez, J.  ...  Thanks also to Aeronne Jeanne Rivera for the support during the whole preparation process.  ...  Towards this direction, work is focused on the integration of security requirements and risk management.  ... 
doi:10.1007/s00766-009-0094-8 fatcat:dzso5jghwbeedltlr6n56ytzme

A Survey of Scientific Approaches Considering the Integration of Security and Risk Aspects into Business Process Management

Stefan Jakoubi, Simon Tjoa, Gernot Goluch, Gerald Quirchmayr
2009 2009 20th International Workshop on Database and Expert Systems Application  
This development forced companies to apply risk, security and business process management in a more integrated way.  ...  Within this survey paper we examine scientific research efforts in the field of security and risk related business process/workflow management.  ...  Towards a UML 2.0 Extension for the Modeling of Security Requirements in Business Processes The major contribution of the authors' work is an extension of UML 2.0 in order to enable the definition of business  ... 
doi:10.1109/dexa.2009.71 dblp:conf/dexaw/JakoubiTGQ09 fatcat:cymvtifhmnh5rn7q5537f3grfm

Security Problems of SOA Applications

Muhammad Qaiser Saleem
2017 International Journal of Security and Its Applications  
Service Oriented Architecture has gained the popularity in the market because workflows of a business process can easily be realized by the composition of services.  ...  protocols and security standards is towards technological level [12] , i.e. they do not deal with the high level of abstraction.  ...  However, while modeling the business process, the focus is towards modeling of functional requirements of the software system and the "notion of security" is often neglected.  ... 
doi:10.14257/ijsia.2017.11.11.03 fatcat:rsdxbhwswjdehfnxzmnki44ioe

Assessment and Continuous Improvement of Information Security Based on TQM and Business Excellence Principles

Andrei Ioan Hohan, Marieta Olaru, Ionela Carmen Pirnea
2015 Procedia Economics and Finance  
Business Excellence Model.  ...  A second objective is to propose a methodology for assessment and continuous improvement of information security integrating the criteria of the EFQM Model and its RADAR (Results, Approaches, Deploy, Assess  ...  Integration of IT security into corporate culture and practices Open Information Security Management Maturity Model (Open Group, 2011) Initial, Managed, Defined, Controlled, Optimized Processes  ... 
doi:10.1016/s2212-5671(15)01404-5 fatcat:2pinjeywn5fxxj43vu56nrhaja

A New Framework To Model A Secure E-Commerce System

A. Youseef, F. Liu
2012 Zenodo  
This proposed framework categorizes into three separate parts: modelling business environment part, modelling information technology system part and modelling IS security part.  ...  This paper aims to propose an integrated security and IS engineering approach in all software development process stages by using i* language.  ...  Firstly, the integration of security into a developed business process is not very well understood. Secondly, security properties are complicated and error-prone when integrated by hand.  ... 
doi:10.5281/zenodo.1330991 fatcat:u57no24rczh7bp3v4tqi2knlbu

EA Model as Central Part of the Transfomation Into a More Flexible and Powerful Organisation

Stefan Gerber, Uwe Meyer, Claus Richert
2007 Entwicklungsmethoden für Informationssysteme und deren Anwendung: Fachtagung  
Therefore we use an iterative approach within EA deployment that will be considered as an assessment process evaluating the whole IT-landscape of a certain CIO area.  ...  There are metrics used which allow the identification of transformation objects and these will be reworked in different structures by using architectural principles and then integrated into EA.  ...  This is an important step towards a service-oriented enterprise. 5.  ... 
dblp:conf/emisa/GerberMR07 fatcat:tfn4vr2l6vhyjngnf2nrsazdz4

Security Requirements Engineering for Secure Business Processes [chapter]

Elda Paja, Paolo Giorgini, Stéphane Paul, Per Håkon Meland
2012 Lecture Notes in Business Information Processing  
Traditional approaches to business process modelling deal with security only after the business process has been defined, namely without considering security needs as input for the definition.  ...  We propose a security requirements engineering approach to model and analyze participants' objectives and interactions, and then derive from them a set of security requirements that are used to annotate  ...  Fortunately, this trend is changing and we are seeing examples where security requirements are integrated into business processes. For instance, Wolter et al.  ... 
doi:10.1007/978-3-642-29231-6_7 fatcat:2pmeswfkmbbmvkefhsyp43y4cu

Insider Threat: Enhancing BPM through Social Media

Dimitris Gritzalis, Vasilis Stavrou, Miltiadis Kandias, George Stergiopoulos
2014 2014 6th International Conference on New Technologies, Mobility and Security (NTMS)  
We examine existing security approaches to tackle down the aforementioned threat in enterprise business processes.  ...  Modern business environments have a constant need to increase their productivity, reduce costs and offer competitive products and services. This can be achieved via modeling their business processes.  ...  or resources by processes or users not allowed to. • Data integrity forms an important part of a business process.  ... 
doi:10.1109/ntms.2014.6814027 dblp:conf/ntms/GritzalisSKS14 fatcat:ehl7hqetojendk55f3paes5vvm

A Review On Factors Influencing Implementation Of Secure Software Development Practices

Sri Lakshmi Kanniah, Mohd Naz'ri Mahrin
2016 Zenodo  
Some of factors that affect implementation of secure software development practices are: Involvement of the security expert, integration between security and development team, developer's skill and expertise  ...  There is a set of factors that influence the successful deployment of secure software development processes.  ...  Integrating security and usability into the requirements and design process. Towards building secure software systems.  ... 
doi:10.5281/zenodo.1127256 fatcat:njgculhcfvhajkva7w7o2t7zgu
« Previous Showing results 1 — 15 out of 395,738 results