Analysis-level classes from secure business processes through model transformations

Authors:
Alfonso Rodríguez;Eduardo Fernández-Medina;Mario Piattini
Affiliations:
Departamento de Auditoría e Informática, Universidad del Bio Bio Chillán, Chile;Information Systems and Technologies Department, UCLM-Soluziona Research and Development Institute, University of Castilla-La Mancha, Ciudad Real, Spain;Information Systems and Technologies Department, UCLM-Soluziona Research and Development Institute, University of Castilla-La Mancha, Ciudad Real, Spain
Venue:
TrustBus'07 Proceedings of the 4th international conference on Trust, Privacy and Security in Digital Business
Year:
2007

Citing 9
Cited 3

Software process: a roadmap

Proceedings of the Conference on The Future of Software Engineering
A Language for Modeling Secure Business Transactions

ACSAC '99 Proceedings of the 15th Annual Computer Security Applications Conference
A business process-driven approach to security engineering

DEXA '03 Proceedings of the 14th International Workshop on Database and Expert Systems Applications
Survivability and business continuity management

ACSW Frontiers '04 Proceedings of the second workshop on Australasian information security, Data Mining and Web Intelligence, and Software Internationalisation - Volume 32
A Categorization of Collaborative Business Process Modeling Techniques

CECW '05 Proceedings of the Seventh IEEE International Conference on E-Commerce Technology Workshops
Security requirement analysis of business processes

Electronic Commerce Research
Specification and design of advanced authentication and authorization services

Computer Standards & Interfaces
Security in business process engineering

BPM'03 Proceedings of the 2003 international conference on Business process management
Towards a UML 2.0 extension for the modeling of security requirements in business processes

TrustBus'06 Proceedings of the Third international conference on Trust, Privacy, and Security in Digital Business

Editorial: Model-Driven Development for secure information systems

Information and Software Technology
M-BPSec: a method for security requirement elicitation from a UML 2.0 business process specification

ER'07 Proceedings of the 2007 conference on Advances in conceptual modeling: foundations and applications
Semi-formal transformation of secure business processes into analysis class and use case models: An MDA approach

Information and Software Technology

Quantified Score

Hi-index	0.00

Visualization

Abstract

Nowadays, business processes (BP) are important in the maintenance of competitiveness within enterprises. Moreover, security is a crucial issue in business performance. In the last few years, the languages used for BP representation have been improved and new notations have appeared. Proposals for security requirement specifications at this high level of abstraction have also appeared. Nevertheless, these models have not been transformed into concrete models that can be used in a software development process. In our proposal, we will obtain analysis-level classes from a business process specification in which security requirements are included. Model transformations are within the scope of MDA and they are specified by using the QVT standard. Finally, we shall apply this approach to a typical health-care business process.