Model driven security: From UML models to access control infrastructures
ACM Transactions on Software Engineering and Methodology (TOSEM)
A BPMN Extension for the Modeling of Security Requirements in Business Processes
IEICE - Transactions on Information and Systems
Security validation of business processes via model-checking
ESSoS'11 Proceedings of the Third international conference on Engineering secure software and systems
An approach to modular and testable security models of real-world health-care applications
Proceedings of the 16th ACM symposium on Access control models and technologies
A Framework for Managing and Analyzing Changes of Security Policies
POLICY '11 Proceedings of the 2011 IEEE International Symposium on Policies for Distributed Systems and Networks
A model transformation semantics and analysis methodology for SecureUML
MoDELS'06 Proceedings of the 9th international conference on Model Driven Engineering Languages and Systems
Hi-index | 0.00 |
Modern enterprise systems have to comply to regulations such as Basel III resulting in complex security requirements. These requirements need to be modeled at design-time and enforced at runtime. Moreover, modern enterprise systems are often business-process driven, i.e., the system behavior is described as high-level business processes that are executed by a business process execution engine. Consequently, there is a need for an integrated and tool-supported methodology that allows for specifying and enforcing compliance and security requirements for business process-driven enterprise systems. In this paper, we present a tool chain supporting both the design-time modeling as well as the run-time enforcement of security requirements for business process-driven systems.