Security and safety of assets in business processes

Authors:
Ganna Monakova;Achim D. Brucker;Andreas Schaad
Affiliations:
SAP Research Karlsruhe, Karlsruhe, Germany;SAP Research Karlsruhe, Karlsruhe, Germany;SAP Research Karlsruhe, Karlsruhe, Germany
Venue:
Proceedings of the 27th Annual ACM Symposium on Applied Computing
Year:
2012

Citing 10
Cited 1

CoSMo: An Approach Towards Conceptual Security Modeling

DEXA '02 Proceedings of the 13th International Conference on Database and Expert Systems Applications
Model driven security: From UML models to access control infrastructures

ACM Transactions on Software Engineering and Methodology (TOSEM)
Security requirement analysis of business processes

Electronic Commerce Research
A BPMN Extension for the Modeling of Security Requirements in Business Processes

IEICE - Transactions on Information and Systems
Model-driven business process security requirement specification

Journal of Systems Architecture: the EUROMICRO Journal
Perspective oriented business process visualization

BPM'07 Proceedings of the 2007 international conference on Business process management
Secure Systems Development with UML

Secure Systems Development with UML
Workflow ART

OTM'10 Proceedings of the 2010 international conference on On the move to meaningful internet systems - Volume Part I
A Framework for Managing and Analyzing Changes of Security Policies

POLICY '11 Proceedings of the 2011 IEEE International Symposium on Policies for Distributed Systems and Networks
Proviado – personalized and configurable visualizations of business processes

EC-Web'06 Proceedings of the 7th international conference on E-Commerce and Web Technologies

Automating architectural security analysis

Proceedings of the 17th ACM symposium on Access Control Models and Technologies

Quantified Score

Hi-index	0.00

Visualization

Abstract

Business processes and service compositions are defined independent of the realizing systems. The visualization of security and safety constraints on the business process model level appears to be a promising approach to system independent specification of the security and safety requirements. Such requirements can be realized through business process annotation and used for communication or documentation, but they also can have an execution semantics that allows for automating the security and safety controls. In this paper, we present a tool-supported framework that extends modeling and execution of business processes with specification, execution and monitoring of the security and safety constraints that are used to protect business assets. We illustrate our approach on basis of a case study modeling a supply chain for perishable goods.