Defining Secure Business Processes with Respect to Multiple Objectives

T. Neubauer, J. Heurix:
"Defining Secure Business Processes with Respect to Multiple Objectives";
Vortrag: Third International Conference on Availability, Reliability and Security ARES, Barcelona; 04.03.2008 - 07.03.2008; in:"Proceedings of the Third International Conference on Availability, Reliability and Security ARES", (2008), ISBN: 978-0-7695-3102-1; S. 187 - 194.

[ Publication Database ]

Abstract:


Business processes are of major importance in today´s business environments, and their unimpeded execution is crucial for a company´s success. Since business processes are permanently exposed to a variety of threats, organizations are forced to pay attention to security issues. Although the security of business activities is widely recognized as important, business processes and security aspects are often developed separately and without considering different objectives. This paper proposes a methodology that supports corporate decision makers with the elicitation of security requirements based on business processes, for the analysis of threats and vulnerabilities, and for the selection of appropriate security measures.