Hasso-Plattner-Institut
 
    • de
 

Conference Papers for Security and Trust Engineering at the chair of Prof. Dr. Christoph Meinel

Here you can find all our peer-reviewed conference papers about security and trust engineering:

Security Requirements Specification in Service-oriented Business Process Management

Menzel, Michael; Thomas, Ivonne; Meinel, Christoph in Proceedings of the 4th International Conference on Availability, Reliability and Security (ARES 2009) Seite 41-48 . Fukuoka, Japan , IEEE Computer Science , 2009 .

Service-oriented Architectures deliver a flexible infrastructure to allow independently developed software components to communicate in a seamless manner. In the scope of organisational workflows, SOA provides a suitable foundation to execute business processes as an orchestration of multiple independent services. Along with the increased connectivity, the corresponding security risks rise exponentially. However, security requirements are usually defined on a technical level, rather than on an organisational level that would provide a comprehensive view on the participants, the assets and their relationships regarding security. In this paper, we propose an approach to describe security requirements at the business process layer and their translation to concrete security configuration for service-based systems. We introduce security elements for business process modelling which allow to evaluate the trustworthiness of participants based on a rating of enterprise assets and to express security intentions such as confidentiality or integrity on an abstract level. Our aim is to facilitate the generation of security configurations based on the modelled requirements. For this purpose, we foster a model-driven approach: Information at the modelling layer is gathered and translated to a domain-independent security model. Concrete protocols and security mechanisms are resolved based on a security pattern system that is introduced in the course of this paper.
2009_Menzel_ARES.pdf
Weitere Informationen
Tags its
BibTeX

 

You can find other sub-lists of our conference papers focusing on 

Go back to the complete list of peer-reviewed conference papers.

Other Links

... to our Research
              Security Engineering - Learning & Knowledge Tech - Design Thinking - former
... to our Teaching
              Tele-Lectures - MOOCs - Labs - Systems 
... to our Publications
              Books - Journals - Conference-Papers - Patents
... and to our Annual Reports.