Publication | Closed Access
A BPMN Extension for the Modeling of Security Requirements in Business Processes
263
Citations
18
References
2007
Year
EngineeringBusiness ProcessesInformation SecurityBpmn ExtensionSoftware EngineeringSecurity RequirementsBusiness Process ModelingSoftware AnalysisFormal VerificationHardware SecuritySecurity ModellingSystems EngineeringBusiness RequirementWorkflow SecuritySecure Business ProcessProcess SpecificationComputer ScienceSoftware DesignBusiness Process ManagementProgram AnalysisSecurityModel-driven Security
Business processes are essential for competitiveness, software development, and operational improvement, yet security is often addressed only after process definition. This work proposes integrating security requirements into business process modeling. We extend BPMN with a security extension and demonstrate its use on a typical health‑care process. Empirical studies show that stakeholders can express security needs at the process level.
Business Processes are considered a crucial issue by many enterprises because they are the key to maintain competitiveness. Moreover, business processes are important for software developers, since they can capture from them the necessary requirements for software design and creation. Besides, business process modeling is the center for conducting and improving how the business is operated. Security is important for business performance, but traditionally, it is considered after the business processes definition. Empirical studies show that, at the business process level, customers, end users, and business analysts are able to express their security needs. In this work, we will present a proposal aimed at integrating security requirements through business process modeling. We will summarize our Business Process Modeling Notation extension for modeling secure business process through Business Process Diagrams, and we will apply this approach to a typical health-care business process.
| Year | Citations | |
|---|---|---|
Page 1
Page 1