Semiring-based constraint satisfaction and optimization
Journal of the ACM (JACM)
Communicating and mobile systems: the &pgr;-calculus
Communicating and mobile systems: the &pgr;-calculus
Security service level agreements: quantifiable security for the enterprise?
Proceedings of the 1999 workshop on New security paradigms
Proceedings of the 2000 workshop on New security paradigms
Abstracting soft constraints: framework, properties, examples
Artificial Intelligence
Semiring frameworks and algorithms for shortest-distance problems
Journal of Automata, Languages and Combinatorics
A Broker-Based Framework for QoS-Aware Web Service Composition
EEE '05 Proceedings of the 2005 IEEE International Conference on e-Technology, e-Commerce and e-Service (EEE'05) on e-Technology, e-Commerce and e-Service
QoS Aggregation in Web Service Compositions
EEE '05 Proceedings of the 2005 IEEE International Conference on e-Technology, e-Commerce and e-Service (EEE'05) on e-Technology, e-Commerce and e-Service
Security and Trust in IT Business Outsourcing: a Manifesto
Electronic Notes in Theoretical Computer Science (ENTCS)
Modelling Quality of Protection in Outsourced Business Processes
IAS '07 Proceedings of the Third International Symposium on Information Assurance and Security
An algorithm for the appraisal of assurance indicators for complex business processes
Proceedings of the 2007 ACM workshop on Quality of protection
Security Provisioning in Pervasive Environments Using Multi-objective Optimization
ESORICS '08 Proceedings of the 13th European Symposium on Research in Computer Security: Computer Security
An AHP-Based Framework for Quality and Security Evaluation
CSE '09 Proceedings of the 2009 International Conference on Computational Science and Engineering - Volume 03
Risk-Based Usage Control for Service Oriented Architecture
PDP '10 Proceedings of the 2010 18th Euromicro Conference on Parallel, Distributed and Network-based Processing
Formal approach to security metrics.: what does "more secure" mean for you?
Proceedings of the Fourth European Conference on Software Architecture: Companion Volume
Formal analysis of security metrics and risk
WISTP'11 Proceedings of the 5th IFIP WG 11.2 international conference on Information security theory and practice: security and privacy of mobile devices in wireless communication
Hi-index | 0.00 |
We focus on the assessment of the security of business processes. We assume that a business process is composed of abstract services, each of which has several concrete instantiations. Essential peculiarity of our method is that we express security metrics used for the evaluation of security properties as semirings. First, we consider primitive decomposition of the business process into a weighted graph which describes possible implementations of the business process. Second, we evaluate the security using semiring-based methods for graph analysis. Finally, we exploit semirings to describe the mapping between security metrics which is useful when different metrics are used for the evaluation of security properties of services.