Towards the Derivation of Secure Business Process Designs

0
63

Authors: Andrew Fish, Haralambos Mouratidis, Nikolaos Argyropoulos

Tags: 2015, conceptual modeling

Security is a critical aspect of business processes that organisations utilise to achieve their goals. Current works on secure business process design mainly focus on annotating existing process models with security related concepts. Meanwhile, little attention is given to the rationale and the alignment of such security choices to high-level organisational security goals. To that end, a goal-to-process transformation approach, with a clear security orientation, is introduced, as part of a wider framework. This transformation process, presented through an illustrative example, uses Secure Tropos goal models as an input to create intermediate, security-annotated process skeletons. These can be then refined, through a series of manual tasks, to create secure BPMN process models.

Read the full paper here: https://link.springer.com/chapter/10.1007/978-3-319-25747-1_25