Supporting secure business process design via security process patterns

Nikolaos Argyropoulos, Haralambos Mouratidis, Andrew Fish

Research output: Chapter in Book/Conference proceeding with ISSN or ISBNConference contribution with ISSN or ISBNResearchpeer-review

Abstract

Security is an important non-functional characteristic of the business processes used by organisations for the coordination of their activities. Nevertheless, the implementation of security at the operational level can be challenging due to the limited security expertise of process designers and the delayed consideration of security during process development. To overcome such issues, expert knowledge and proven security solutions can be captured in the form of process patterns, which can easily be reused and integrated to business processes with minimal security-related knowledge required. In this work we introduce process-level security patterns, each of which contains the main activities required for the operationalisation of different security requirements. The introduced patterns are then used as a component of an existing framework for the creation of secure business process designs, the application of which, is illustrated through a working example. A preliminary evaluation of the proposed patterns is conducted via a workshop session.

Original languageEnglish
Title of host publicationEnterprise, Business-Process and Information Systems Modeling - 18th International Conference, BPMDS 2017, 22nd International Conference, EMMSAD 2017 Held at CAiSE 2017, Proceedings
PublisherSpringer-Verlag
Pages9-13
Number of pages5
ISBN (Print)9783319594651
DOIs
Publication statusPublished - 1 May 2017
Event18th International Conference on Business Process Modeling, Development and Support, BPMDS 2017 and 22nd International Conference on Evaluation and Modeling Methods for Systems Analysis and Development, EMMSAD 2017 held at Conference on Advanced Information Systems Engineering, CAiSE 2017 - Essen, Germany
Duration: 12 Jun 201713 Jun 2017

Publication series

NameLecture Notes in Business Information Processing
Volume287
ISSN (Print)1865-1348

Conference

Conference18th International Conference on Business Process Modeling, Development and Support, BPMDS 2017 and 22nd International Conference on Evaluation and Modeling Methods for Systems Analysis and Development, EMMSAD 2017 held at Conference on Advanced Information Systems Engineering, CAiSE 2017
CountryGermany
CityEssen
Period12/06/1713/06/17

Fingerprint

Process Design
Business Process
Process design
Industry
Business process design
Expertise
Development Process
Requirements
Evaluation

Keywords

  • Business process modelling
  • Business process security
  • requirements
  • Security
  • Security process patterns

Cite this

Argyropoulos, N., Mouratidis, H., & Fish, A. (2017). Supporting secure business process design via security process patterns. In Enterprise, Business-Process and Information Systems Modeling - 18th International Conference, BPMDS 2017, 22nd International Conference, EMMSAD 2017 Held at CAiSE 2017, Proceedings (pp. 9-13). (Lecture Notes in Business Information Processing; Vol. 287). Springer-Verlag. https://doi.org/10.1007/978-3-319-59466-8_2
Argyropoulos, Nikolaos ; Mouratidis, Haralambos ; Fish, Andrew. / Supporting secure business process design via security process patterns. Enterprise, Business-Process and Information Systems Modeling - 18th International Conference, BPMDS 2017, 22nd International Conference, EMMSAD 2017 Held at CAiSE 2017, Proceedings. Springer-Verlag, 2017. pp. 9-13 (Lecture Notes in Business Information Processing).
@inproceedings{8443e780f412456f9d878bc386285510,
title = "Supporting secure business process design via security process patterns",
abstract = "Security is an important non-functional characteristic of the business processes used by organisations for the coordination of their activities. Nevertheless, the implementation of security at the operational level can be challenging due to the limited security expertise of process designers and the delayed consideration of security during process development. To overcome such issues, expert knowledge and proven security solutions can be captured in the form of process patterns, which can easily be reused and integrated to business processes with minimal security-related knowledge required. In this work we introduce process-level security patterns, each of which contains the main activities required for the operationalisation of different security requirements. The introduced patterns are then used as a component of an existing framework for the creation of secure business process designs, the application of which, is illustrated through a working example. A preliminary evaluation of the proposed patterns is conducted via a workshop session.",
keywords = "Business process modelling, Business process security, requirements, Security, Security process patterns",
author = "Nikolaos Argyropoulos and Haralambos Mouratidis and Andrew Fish",
year = "2017",
month = "5",
day = "1",
doi = "10.1007/978-3-319-59466-8_2",
language = "English",
isbn = "9783319594651",
series = "Lecture Notes in Business Information Processing",
publisher = "Springer-Verlag",
pages = "9--13",
booktitle = "Enterprise, Business-Process and Information Systems Modeling - 18th International Conference, BPMDS 2017, 22nd International Conference, EMMSAD 2017 Held at CAiSE 2017, Proceedings",

}

Argyropoulos, N, Mouratidis, H & Fish, A 2017, Supporting secure business process design via security process patterns. in Enterprise, Business-Process and Information Systems Modeling - 18th International Conference, BPMDS 2017, 22nd International Conference, EMMSAD 2017 Held at CAiSE 2017, Proceedings. Lecture Notes in Business Information Processing, vol. 287, Springer-Verlag, pp. 9-13, 18th International Conference on Business Process Modeling, Development and Support, BPMDS 2017 and 22nd International Conference on Evaluation and Modeling Methods for Systems Analysis and Development, EMMSAD 2017 held at Conference on Advanced Information Systems Engineering, CAiSE 2017, Essen, Germany, 12/06/17. https://doi.org/10.1007/978-3-319-59466-8_2

Supporting secure business process design via security process patterns. / Argyropoulos, Nikolaos; Mouratidis, Haralambos; Fish, Andrew.

Enterprise, Business-Process and Information Systems Modeling - 18th International Conference, BPMDS 2017, 22nd International Conference, EMMSAD 2017 Held at CAiSE 2017, Proceedings. Springer-Verlag, 2017. p. 9-13 (Lecture Notes in Business Information Processing; Vol. 287).

Research output: Chapter in Book/Conference proceeding with ISSN or ISBNConference contribution with ISSN or ISBNResearchpeer-review

TY - GEN

T1 - Supporting secure business process design via security process patterns

AU - Argyropoulos, Nikolaos

AU - Mouratidis, Haralambos

AU - Fish, Andrew

PY - 2017/5/1

Y1 - 2017/5/1

N2 - Security is an important non-functional characteristic of the business processes used by organisations for the coordination of their activities. Nevertheless, the implementation of security at the operational level can be challenging due to the limited security expertise of process designers and the delayed consideration of security during process development. To overcome such issues, expert knowledge and proven security solutions can be captured in the form of process patterns, which can easily be reused and integrated to business processes with minimal security-related knowledge required. In this work we introduce process-level security patterns, each of which contains the main activities required for the operationalisation of different security requirements. The introduced patterns are then used as a component of an existing framework for the creation of secure business process designs, the application of which, is illustrated through a working example. A preliminary evaluation of the proposed patterns is conducted via a workshop session.

AB - Security is an important non-functional characteristic of the business processes used by organisations for the coordination of their activities. Nevertheless, the implementation of security at the operational level can be challenging due to the limited security expertise of process designers and the delayed consideration of security during process development. To overcome such issues, expert knowledge and proven security solutions can be captured in the form of process patterns, which can easily be reused and integrated to business processes with minimal security-related knowledge required. In this work we introduce process-level security patterns, each of which contains the main activities required for the operationalisation of different security requirements. The introduced patterns are then used as a component of an existing framework for the creation of secure business process designs, the application of which, is illustrated through a working example. A preliminary evaluation of the proposed patterns is conducted via a workshop session.

KW - Business process modelling

KW - Business process security

KW - requirements

KW - Security

KW - Security process patterns

UR - http://www.scopus.com/inward/record.url?scp=85021244878&partnerID=8YFLogxK

U2 - 10.1007/978-3-319-59466-8_2

DO - 10.1007/978-3-319-59466-8_2

M3 - Conference contribution with ISSN or ISBN

SN - 9783319594651

T3 - Lecture Notes in Business Information Processing

SP - 9

EP - 13

BT - Enterprise, Business-Process and Information Systems Modeling - 18th International Conference, BPMDS 2017, 22nd International Conference, EMMSAD 2017 Held at CAiSE 2017, Proceedings

PB - Springer-Verlag

ER -

Argyropoulos N, Mouratidis H, Fish A. Supporting secure business process design via security process patterns. In Enterprise, Business-Process and Information Systems Modeling - 18th International Conference, BPMDS 2017, 22nd International Conference, EMMSAD 2017 Held at CAiSE 2017, Proceedings. Springer-Verlag. 2017. p. 9-13. (Lecture Notes in Business Information Processing). https://doi.org/10.1007/978-3-319-59466-8_2