Security Analysis of Electronic Business Processes

Security Analysis of Electronic Business Processes

This article introduces POSeM, a method that uses business process descriptions to derive appropriate security safeguards. This is achieved by assigning security levels to the components of a business process such as actors, artefacts, and activities with a specially developed description language....

Ausführliche Beschreibung

Gespeichert in:
Bibliographische Detailangaben
Veröffentlicht in:Electronic commerce research 2004-01, Vol.4 (1/2), p.59-81
Hauptverfasser: Röhrig, Susanne, Knorr, Konstantin
Format: Artikel
Sprache:eng
Schlagworte:
Access control
Accountability
Communication
Confidentiality
Electronic commerce
Mathematical models
Network security
Objectives
Security management
Security services
Software
Studies
Online-Zugang:Volltext
Tags: Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
Beschreibung
Zusammenfassung:This article introduces POSeM, a method that uses business process descriptions to derive appropriate security safeguards. This is achieved by assigning security levels to the components of a business process such as actors, artefacts, and activities with a specially developed description language. These levels are checked for consistency, and security measures are derived using a configurable rule base that maps security objectives to safeguards. POSeM in practice is illustrated by an application to electronic business, i.e., the publication process of information for a company's web-site. Both the advantages of POSeM and its possible refinements are discussed. [PUBLICATION ABSTRACT]
ISSN:1389-5753
1572-9362
DOI:10.1023/B:ELEC.0000009282.06809.c5