Eliciting Security Requirements for Business Processes of Legacy Systems

Cited by: 6
Authors
Argyropoulos, Nikolaos [1]
Marquez Alcaniz, Luis [2]
Mouratidis, Haralambos [1]
Fish, Andrew [1]
Rosado, David G. [3]
Garcia-Rodriguez de Guzman, Ignacio [3]
Fernandez-Medina, Eduardo [3]
Affiliations
[1] Univ Brighton, Watts Bldg,Lewes Rd, Brighton BN2 4GJ, E Sussex, England
[2] Spanish Natl Author Markets & Competit CNMC, Madrid, Spain
[3] Univ Castilla La Mancha, E-13071 Ciudad Real, Spain
Keywords
Legacy systems; Business process modelling; Goal-oriented security requirements; Secure Tropos; BPMN; MARBLE; INFORMATION-SYSTEMS; MANAGEMENT; DESIGN; MODELS;
DOI
10.1007/978-3-319-25897-3_7
Chinese Library Classification
TP [Automation technology, computer technology];
Discipline classification code
0812;
Abstract
The modernisation of enterprise legacy systems, without compromises in their functionality, is a demanding and time-consuming endeavour. To retain the underlying business behaviour during their modernisation, the MARBLE™ framework has been developed for the extraction of business process models from their source code. Building on top of that work, in this paper we propose an integrated approach for transforming the extracted legacy process models into Secure Tropos goal models. Such models facilitate the elicitation of security requirements at a high level of abstraction, which are then incorporated back into the process models of the modernised systems as security features. Therefore high level models can be derived from legacy source code with minimal manual intervention, where security can be elaborated by nontechnical stakeholders in alignment with organisational objectives.
Pages: 91 / 107
Number of pages: 17
Related papers
50 in total
  • [31] Eliciting Security Requirements Method Based on Safety Knowledge Base
    Yu, Xiaofei
    Li, Xiaohong
    Mang, Qianqian
    CONTEMPORARY RESEARCH ON E-BUSINESS TECHNOLOGY AND STRATEGY, 2012, 332 : 109 - 121
  • [32] A framework for integrating business processes and business requirements
    Kazhamiakin, R
    Pistore, M
    Roveri, M
    EIGHTH IEEE INTERNATIONAL ENTERPRISE DISTRIBUTED OBJECT COMPUTING CONFERENCE, PROCEEDINGS, 2004, : 9 - 20
  • [33] Capturing security requirements in business processes through a UML 2.0 activity diagrams profile
    Rodriguez, Alfonso
    Fernandez-Medina, Eduardo
    Piattini, Mario
    ADVANCES IN CONCEPTUAL MODELING - THEORY AND PRACTICE, PROCEEDINGS, 2006, 4231 : 32 - 42
  • [34] Flexible and solid business processes as a result of the detachment of Legacy systems by SAP modules
    Boeck, Carsten
    Stoesser, Juergen
    STAHL UND EISEN, 2007, 127 (04): : 83 - +
  • [35] MARBLE: Modernization Approach for Recovering Business Processes from Legacy Information Systems
    Perez-Castillo, Ricardo
    2012 28TH IEEE INTERNATIONAL CONFERENCE ON SOFTWARE MAINTENANCE (ICSM), 2012, : 671 - 676
  • [36] A business process-based method on security requirements analysis of information systems
    Yu, ZW
    Tang, RZ
    Ye, FB
    PROCEEDINGS OF THE 12TH INTERNATIONAL CONFERENCE ON INDUSTRIAL ENGINEERING AND ENGINEERING MANAGEMENT, VOLS 1 AND 2: MODERN INDUSTRIAL ENGINEERING AND INNOVATION IN ENTERPRISE MANAGEMENT, 2005, : 1005 - 1009
  • [37] A Semi-Automatic Approach for Eliciting Cloud Security and Privacy Requirements
    Argyropoulos, Nikolaos
    Shei, Shaun
    Kalloniatis, Christos
    Mouratidis, Haralambos
    Delaney, Aidan
    Fish, Andrew
    Gritzalis, Stefanos
    PROCEEDINGS OF THE 50TH ANNUAL HAWAII INTERNATIONAL CONFERENCE ON SYSTEM SCIENCES, 2017, : 4827 - 4836
  • [38] Towards ontological approach to eliciting risk-based security requirements
    Arogundade, Oluwasefunmi Tale
    Jin, Zhi
    Yang, Xiaoguang
    International Journal of Information and Computer Security, 2014, 6 (02) : 143 - 178
  • [40] The Process of Engineering of Security of Information Systems (ESIS): The Formalism of Business Processes
    Goudalo, Wilson
    Seret, Dominique
    2009 THIRD INTERNATIONAL CONFERENCE ON EMERGING SECURITY INFORMATION, SYSTEMS, AND TECHNOLOGIES, 2009, : 105 - 113