Towards CIM to PIM transformation: from secure business processes defined in BPMN to use-cases

Authors:
Alfonso Rodríguez;Eduardo Fernández-Medina;Mario Piattini
Affiliations:
Departamento de Auditoría e Informática, Universidad del Bio Bio, Chillán, Chile;ALARCOS Research Group, Information Systems and Technologies Department, Indra Research and Development Institute, University of Castilla-La Mancha, Ciudad Real, Spain;ALARCOS Research Group, Information Systems and Technologies Department, Indra Research and Development Institute, University of Castilla-La Mancha, Ciudad Real, Spain
Venue:
BPM'07 Proceedings of the 5th international conference on Business process management
Year:
2007

Citing 11
Cited 8

The unified software development process

The unified software development process
Using UMLsec and goal trees for secure systems development

Proceedings of the 2002 ACM symposium on Applied computing
A business process-driven approach to security engineering

DEXA '03 Proceedings of the 14th International Workshop on Database and Expert Systems Applications
Security-Critical System Development with Extended Use Cases

APSEC '03 Proceedings of the Tenth Asia-Pacific Software Engineering Conference Software Engineering Conference
A Framework for Business Model Driven Development

STEP '04 Proceedings of the 12 International Workshop on Software Technology and Engineering Practice
Security requirement analysis of business processes

Electronic Commerce Research
Viewing business-process security from different perspectives

International Journal of Electronic Commerce - Special issue: Developing the business components of the digital economy
A BPMN Extension for the Modeling of Security Requirements in Business Processes

IEICE - Transactions on Information and Systems
Misuse Cases: Use Cases with Hostile Intent

IEEE Software
Specification and design of advanced authentication and authorization services

Computer Standards & Interfaces
Security in business process engineering

BPM'03 Proceedings of the 2003 international conference on Business process management

Editorial: Model-Driven Development for secure information systems

Information and Software Technology
Towards framework definition to obtain secure business process from legacy information systems

Proceedings of the first international workshop on Model driven service engineering and data quality and security
Semi-formal transformation of secure business processes into analysis class and use case models: An MDA approach

Information and Software Technology
Lightweight modeling and analysis of security concepts

ESSoS'11 Proceedings of the Third international conference on Engineering secure software and systems
Embedding requirements within Model-Driven Architecture

Software Quality Control
Secure business process model specification through a UML 2.0 activity diagram profile

Decision Support Systems
A mapping from normative requirements to event-b to facilitate verified data-centric business process management

CEE-SET'09 Proceedings of the 4th IFIP TC 2 Central and East European conference on Advances in Software Engineering Techniques
Not Ready for Prime Time: A Survey on Security in Model Driven Development

International Journal of Secure Software Engineering

Quantified Score

Hi-index	0.00

Visualization

Abstract

The software community is currently paying attention to modeltransformation. The MDA approach is particularly orientated towards solvingthe problems of time, cost and quality associated with software creation.Enterprises are, moreover, aware of the importance that business processes andsecurity have in relation to their competitive position and performance. In ourprevious work, we have proposed a BPMN extension which can be used todefine security requirement in business process specifications. A SecureBusiness Process description is that of computation independent models in anMDA context. In this paper we propose a CIM to PIM transformationcomposed of QVT rules. Various UML use cases, which will be part of aninformation system, are obtained from the secure business process description.