Eliciting security requirements for business processes of legacy systems

Nikolaos Argyropoulos, Luis Márquez Alcañiz, Haralambos Mouratidis, Andrew Fish, David G. Rosado, Ignacio García-Rodriguez de Guzmán, Eduardo Fernandez-Medina

Research output: Chapter in Book/Conference proceeding with ISSN or ISBNConference contribution with ISSN or ISBN

Abstract

The modernisation of enterprise legacy systems, without compromises in their functionality, is a demanding and time consuming endeavour. To retain the underlying business behaviour during their modernisation, the MARBLE framework has been developed for the extraction of business process models from their source code. Building on top of that work, in this paper we propose an integrated approach for transforming the extracted legacy process models into Secure Tropos goal models. Such models facilitate the elicitation of security requirements in a high level of abstraction, which are then incorporated back into the process models of the modernised systems as security features. Therefore high level models can be derived from legacy source code with minimal manual intervention, where security can be elaborated by non-technical stakeholders in alignment with organisational objectives.
Original languageEnglish
Title of host publicationThe Practice of Enterprise Modeling
Place of PublicationSwitzerland
PublisherSpringer International Publishing
Pages91-107
Number of pages17
Volume235
ISBN (Print)9783319258966
DOIs
Publication statusPublished - 26 Nov 2015
EventThe Practice of Enterprise Modeling - Valencia, Spain, November 10-12, 2015
Duration: 26 Nov 2015 → …

Publication series

NameLecture Notes in Business Information Processing

Conference

ConferenceThe Practice of Enterprise Modeling
Period26/11/15 → …

Fingerprint Dive into the research topics of 'Eliciting security requirements for business processes of legacy systems'. Together they form a unique fingerprint.

  • Cite this

    Argyropoulos, N., Alcañiz, L. M., Mouratidis, H., Fish, A., Rosado, D. G., de Guzmán, I. G-R., & Fernandez-Medina, E. (2015). Eliciting security requirements for business processes of legacy systems. In The Practice of Enterprise Modeling (Vol. 235, pp. 91-107). (Lecture Notes in Business Information Processing). Springer International Publishing. https://doi.org/10.1007/978-3-319-25897-3_7