Decision Support Systems - Special issue: workshop on information technology and systems (WITS '93)
The unified software development process
The unified software development process
Information systems architecture to support managed care business processes
Decision Support Systems
SecureUML: A UML-Based Modeling Language for Model-Driven Security
UML '02 Proceedings of the 5th International Conference on The Unified Modeling Language
Modeling Secure and Fair Electronic Commerce
ACSAC '98 Proceedings of the 14th Annual Computer Security Applications Conference
Towards Security Semantics in Workflow Management
HICSS '98 Proceedings of the Thirty-First Annual Hawaii International Conference on System Sciences-Volume 7 - Volume 7
A business process-driven approach to security engineering
DEXA '03 Proceedings of the 14th International Workshop on Database and Expert Systems Applications
Deriving security requirements from crosscutting threat descriptions
Proceedings of the 3rd international conference on Aspect-oriented software development
Computer Security in the Real World
Computer
Unifying business objects and system dynamics as a paradigm for developing decision support systems
Decision Support Systems
Semantics of UML 2.0 Activity Diagram for Business Modeling by Means of Virtual Machine
EDOC '05 Proceedings of the Ninth IEEE International EDOC Enterprise Computing Conference
Proceedings of the SIGCHI Conference on Human Factors in Computing Systems
An evaluation of conceptual business process modelling languages
Proceedings of the 2006 ACM symposium on Applied computing
Security requirement analysis of business processes
Electronic Commerce Research
Progress in Web-based decision support technologies
Decision Support Systems
A Taxonomy of Model Transformation
Electronic Notes in Theoretical Computer Science (ENTCS)
Requirements Engineering - Special Issue on RE'09: Security Requirements Engineering; Guest Editors: Eric Dubois and Haralambos Mouratidis
Security in business process engineering
BPM'03 Proceedings of the 2003 international conference on Business process management
A systematic review of security requirements engineering
Computer Standards & Interfaces
Mal-activity diagrams for capturing attacks on business processes
REFSQ'07 Proceedings of the 13th international working conference on Requirements engineering: foundation for software quality
Towards CIM to PIM transformation: from secure business processes defined in BPMN to use-cases
BPM'07 Proceedings of the 5th international conference on Business process management
Information and Software Technology
Extending UML 2 activity diagrams with business intelligence objects
DaWaK'05 Proceedings of the 7th international conference on Data Warehousing and Knowledge Discovery
WorMS- a framework to support workflows in M&S
Proceedings of the Winter Simulation Conference
Securing business processes using security risk-oriented patterns
Computer Standards & Interfaces
Hi-index | 0.01 |
Business processes have become important resources, both for an enterprise's performance and to enable it to maintain its competitiveness. The languages used for business process representation have, in recent years, been improved and new notations have appeared. However, despite the wide acceptance of the importance of business process security, to date the business analyst perspective in relation to security has hardly been dealt with. Moreover, security requirements cannot be represented in modern business process modeling notations. In this paper, we present an extension of UML 2.0 activity diagrams which will allow security requirements to be specified in business processes. Our proposal, denominated as BPSec (Business Process Security), is Model Driven Architecture compliant since it is possible to obtain a set of UML artifacts (Platform Independent Model-PIM) used in software development from a Secure Business Process model specification (Computation Independent Model-CIM). We also present the application of our approach to an example based on a typical health care institution, in which our M-BPSec method is employed as a framework for the use of our UML extension.