Modelling Quality of Protection in Outsourced Business Processes

Modelling Quality of Protection in Outsourced Business Processes

There is a large number of research papers and standards dedicated to security for outsourced data. Yet, most papers propose new controls to access and protect the data rather than to assess the level of assurance of the whole process that is currently deployed. The main contributions of the paper i...

Ausführliche Beschreibung

Gespeichert in:
Bibliographische Detailangaben
Hauptverfasser: Massacci, F., Yautsiukhin, A.
Format: Tagungsbericht
Sprache:eng
Schlagworte:
Appraisal
Buildings
Companies
Concrete
Data security
Information security
Outsourcing
Protection
Service oriented architecture
Technology management
Online-Zugang:Volltext bestellen
Tags: Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
Beschreibung
Zusammenfassung:There is a large number of research papers and standards dedicated to security for outsourced data. Yet, most papers propose new controls to access and protect the data rather than to assess the level of assurance of the whole process that is currently deployed. The main contributions of the paper is an approach for aggregating security properties of individual tasks of a complex business process in order to receive the level of assurance provided by the whole process. The approach takes into account the fact that some tasks of a business process may be outsourced and thus account for not very reliable partners. The approach chooses the concrete business process offering the highest assurance among several possible design alternatives by building an optimal hyper-path traversing the business process.
DOI:10.1109/IAS.2007.70