pdfreaders.org

Using SecureBPMN for Modelling Security-Aware Service Compositions

Achim D. Brucker

Cover for brucker:aniketos-securebpmn:2014.Today, many systems are built by orchestrating existing services, custom developed services, as well as interaction with users. These orchestrations, also called composition plans, are often described using high-level modelling languages that allow for simplifying 1) the implementation of systems by using generic execution engines and 2) the adaption of deployed systems to changing business needs. Thus, composition plans play an important role for both communicating business requirements between domain experts and system experts, and serving as a basis for the system implementation.

At the same time, ICT systems need to fulfil an increasing number of security and compliance requirements. Thus, there is a demand for integrating security and compliance requirements into composition plans.

We present SecureBPMN, a language for modelling security properties that can easily be integrated into languages used for describing service orchestrations. Moreover, we integrate SecureBPMN into BPMN and, thus, present a common language for describing service orchestration (in terms of business process models) together with their security and compliance requirements.

Schlüsselwörter: SecureBPMN, BPMN, Access Control, Confidentiality
Kategorien: ,
Dokumente: (Artikel als PDF Datei)

QR Code for brucker:aniketos-securebpmn:2014.Bitte zitieren sie diesen Artikel wie folgt:
Achim D. Brucker. Using SecureBPMN for Modelling Security-Aware Service Compositions. In Secure and Trustworthy Service Composition: The Aniketos Approach. Lecture Notes in Computer Science: State of the Art Surveys (8900), pages 110-120, Springer-Verlag, 2014.
Schlüsselwörter: SecureBPMN, BPMN, Access Control, Confidentiality
(Artikel als PDF Datei) (BibTeX) (Endnote) (RIS) (Word) (doi:10.1007/978-3-319-13518-2_8) (Share article on LinkedIn. Share article on CiteULike.)

BibTeX
@InCollection{ brucker:aniketos-securebpmn:2014,
abstract = {Today, many systems are built by orchestrating existing services, custom developed services, as well as interaction with users. These orchestrations, also called composition plans, are often described using high-level modelling languages that allow for simplifying 1) the implementation of systems by using generic execution engines and 2) the adaption of deployed systems to changing business needs. Thus, composition plans play an important role for both communicating business requirements between domain experts and system experts, and serving as a basis for the system implementation.\\\\At the same time, ICT systems need to fulfil an increasing number of security and compliance requirements. Thus, there is a demand for integrating security and compliance requirements into composition plans.\\\\We present SecureBPMN, a language for modelling security properties that can easily be integrated into languages used for describing service orchestrations. Moreover, we integrate SecureBPMN into BPMN and, thus, present a common language for describing service orchestration (in terms of business process models) together with their security and compliance requirements.},
address = {Heidelberg},
author = {Achim D. Brucker},
booktitle = {Secure and Trustworthy Service Composition: The Aniketos Approach},
doi = {10.1007/978-3-319-13518-2_8},
editor = {Achim D. Brucker and Fabiano Dalpiaz and Paolo Giorgini and Per H{\aa}kon Meland and Erkuden {Rios}},
isbn = {978-3-319-13517-5},
keywords = {SecureBPMN, BPMN, Access Control, Confidentiality},
number = {8900},
pages = {110--120},
pdf = {https://www.brucker.ch/bibliography/download/2014/brucker-aniketos-securebpmn-2014.pdf},
publisher = {Springer-Verlag},
series = {Lecture Notes in Computer Science: State of the Art Surveys},
title = {Using SecureBPMN for Modelling Security-Aware Service Compositions},
url = {https://www.brucker.ch/bibliography/abstract/brucker-aniketos-securebpmn-2014},
year = {2014},
}