Security in business process engineering

被引：0

作者：

Backes, M ^{[1
]}

Pfitzmann, B ^{[1
]}

Waidner, M ^{[1
]}

机构：

[1] IBM Corp, Zurich Res Lab, Ruschlikon, Switzerland

来源：

BUSINESS PROCESS MANAGEMENT, PROCEEDINGS | 2003年 / 2678卷

关键词：

security in business process modeling; design; verification and validation;

D O I：

暂无

中图分类号：

F [经济];

学科分类号：

02 ;

摘要：

We present a general methodology for integrating arbitrary security requirements in the development of business processes in a both elegant and rigorous way. We show how trust relationships between different parties and their respective security goals can be reflected in a specification, which results in a realistic modeling of business processes in the presence of malicious adversaries. Special attention is given to the incorporation of cryptography in the development process with the main goal of achieving specifications that are sufficiently simple to be suited for formal verification, yet allow for a provably secure cryptographic implementation.

引用

页码：168 / 183

页数：16

共 50 条

[1] A business process-driven approach to security engineering
Maña, A
Montenegro, JA
Rudolph, C
Vivas, JL
[J]. 14TH INTERNATIONAL WORKSHOP ON DATABASE AND EXPERT SYSTEMS APPLICATIONS, PROCEEDINGS, 2003, : 477 - 481
[2] SecEPM: A Security Engineering Process Model for Electronic Business Processes
Eichler, Joern
[J]. 2012 NINTH IEEE INTERNATIONAL CONFERENCE ON E-BUSINESS ENGINEERING (ICEBE), 2012, : 206 - 213
[3] Security integration in inter-enterprise business process engineering
Biennier, F
[J]. COLLABORATIVE SYSTEMS FOR PRODUCTION MANAGEMENT, 2003, 129 : 207 - 217
[4] Towards a business process-driven framework for security engineering with the UML
Vivas, JL
Montenegro, JA
López, J
[J]. INFORMATION SECURITY, PROCEEDINGS, 2003, 2851 : 381 - 395
[5] The Process of Engineering of Security of Information Systems (ESIS): The Formalism of Business Processes
Goudalo, Wilson
Seret, Dominique
[J]. 2009 THIRD INTERNATIONAL CONFERENCE ON EMERGING SECURITY INFORMATION, SYSTEMS, AND TECHNOLOGIES, 2009, : 105 - 113
[6] Business process re-engineering and information security planning: Opportunities for integration
El-Gayar, OF
Fritz, BD
[J]. 8TH WORLD MULTI-CONFERENCE ON SYSTEMICS, CYBERNETICS AND INFORMATICS, VOL XII, PROCEEDINGS: APPLICATIONS OF CYBERNETICS AND INFORMATICS IN OPTICS, SIGNALS, SCIENCE AND ENGINEERING, 2004, : 31 - 36
[7] Security in Business Process Management
Accorsi, Rafael
[J]. IT-INFORMATION TECHNOLOGY, 2013, 55 (06): : 215 - 216
[8] Business engineering: Is process the key?
Fowler, D
Henderson-Sellers, B
Younessi, H
[J]. JOOP-JOURNAL OF OBJECT-ORIENTED PROGRAMMING, 2000, 13 (07): : 37 - 42
[9] Semantic Business Process Engineering
Lemcke, Jens
Rahmani, Tirdad
Friesen, Andreas
[J]. REASONING WEB: SEMANTIC TECHNOLOGIES FOR SOFTWARE ENGINEERING, 2010, 6325 : 161 - 181
[10] Business process engineering by design
Durfee, GV
Flores, P
[J]. INNOVATION IN TECHNOLOGY MANAGEMENT - THE KEY TO GLOBAL LEADERSHIP: THE KEY TO GLOBAL LEADERSHIP, 1997, : 885 - 885

← 1 2 3 4 5 →