Authors: Andrew Fish, Haralambos Mouratidis, Nikolaos Argyropoulos
Tags: 2015, conceptual modeling
Security is a critical aspect of business processes that organisations utilise to achieve their goals. Current works on secure business process design mainly focus on annotating existing process models with security related concepts. Meanwhile, little attention is given to the rationale and the alignment of such security choices to high-level organisational security goals. To that end, a goal-to-process transformation approach, with a clear security orientation, is introduced, as part of a wider framework. This transformation process, presented through an illustrative example, uses Secure Tropos goal models as an input to create intermediate, security-annotated process skeletons. These can be then refined, through a series of manual tasks, to create secure BPMN process models.Read the full paper here: https://link.springer.com/chapter/10.1007/978-3-319-25747-1_25