Information Security: An Integrated Collection of Essays
Information Security: An Integrated Collection of Essays
Security attribute evaluation method: a cost-benefit approach
Proceedings of the 24th International Conference on Software Engineering
Acquiring COTS Software Selection Requirements
IEEE Software
Using Abuse Case Models for Security Requirements Analysis
ACSAC '99 Proceedings of the 15th Annual Computer Security Applications Conference
The IS risk analysis based on a business model
Information and Management
Security Analysis of Electronic Business Processes
Electronic Commerce Research
Basic Concepts and Taxonomy of Dependable and Secure Computing
IEEE Transactions on Dependable and Secure Computing
Information Security Risk Analysis
Information Security Risk Analysis
Workshop-based Multiobjective Security Safeguard Selection
ARES '06 Proceedings of the First International Conference on Availability, Reliability and Security
Secure Business Process Management: A Roadmap
ARES '06 Proceedings of the First International Conference on Availability, Reliability and Security
Security requirement analysis of business processes
Electronic Commerce Research
Extending business process management to determine efficient IT investments
Proceedings of the 2007 ACM symposium on Applied computing
Interactive Decision Support for Multiobjective COTS Selection
HICSS '07 Proceedings of the 40th Annual Hawaii International Conference on System Sciences
Defining Secure Business Processes with Respect to Multiple Objectives
ARES '08 Proceedings of the 2008 Third International Conference on Availability, Reliability and Security
Objective Types for the Valuation of Secure Business Processes
ICIS '08 Proceedings of the Seventh IEEE/ACIS International Conference on Computer and Information Science (icis 2008)
| Hi-index | 0.00 |
As business processes gain more importance in today's business environments, their unimpeded execution is crucial for a company's success. Corporate decision makers are faced with a wide spectrum of potential risks on the one hand and a plenitude of security safeguards on the other hand. Existing approaches for the evaluation of security measures often neglect the consideration of business needs under multiple objectives. This paper gives an overview of the Atana approach that supports decision makers with the elicitation of security safeguards based on corporate business processes and according to multiple objectives. It focuses on the description of a prototype by means of a case study from the social security sector and, thus, provides decision makers with an instrument for interactively exploring different security investment scenarios, while the system guarantees at the same time that only efficient solutions are considered.