Capturing security requirements in business processes through a UML 2.0 activity diagrams profile

Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)

Volumn 4231 LNCS, Issue , 2006, Pages 32-42

  Rodríguez, Alfonso ^a   Fernández Medina, Eduardo ^b   Piattini, Mario ^b  

^a UNIVERSIDAD DEL BÍO BÍO   (Chile)

^b UNIVERSITY OF CASTILLA LA MANCHA   (Spain)

Author keywords

[No Author keywords available]

Indexed keywords

ABSTRACTING; ADMINISTRATIVE DATA PROCESSING; COMPUTER SOFTWARE; DATA ACQUISITION; ELECTRONIC COMMERCE; ELECTRONIC DATA INTERCHANGE; INDUSTRIAL ECONOMICS;

ACTIVITY DIAGRAMS; BUSINESS PROCESSES; GLOBAL ECONOMY;

SECURITY OF DATA;

EID: 33845208648     PISSN: 03029743     EISSN: 16113349     Source Type: Book Series    
DOI: 10.1007/11908883_6     Document Type: Conference Paper

References (28)

1. Abie, H., Aredo, D. B., Kristoffersen, T., Mazaher, S. and Raguin, T.; Integrating a Security Requirement Language with UML, 7th International Conference, The UML: Modelling Languages and Applications. Vol. 3273. Lisbon, Portugal. (2004). pp.350-364.
2. Artelsmair, C. and Wagner, R.; Towards a Security Engineering Process, The 7th World Multiconference on Systemics, Cybernetics and Informatics. Vol. VI. Orlando, Florida, USA. (2003). pp.22-27.
3. Backes, M., Pfitzmann, B. and Waider, M.; Security in Business Process Engineering, International Conference on Business Process Management (BPM). Vol. 2678, LNCS. Eindhoven, The Netherlands. (2003). pp.168-183.
4. Basin, D., Doser, J. and Lodderstedt, T.; Model driven security for process-oriented systems, SACMAT 2003, 8th ACM Symposium on Access Control Models and Technologies. Villa Gallia, Como, Italy. (2003).
5. Bock, C.; UML 2 Activity and Action Models, Journal of Object Technology. Vol. 2 (4), July-August. (2003). pp.43-53.
6. Eriksson, H.-E. and Penker, M., Business Modeling with UML, OMG Press. (2001).
7. Firesmith, D.; Engineering Security Requirements, Journal of Object Technology. Vol. 2 (1), January-February. (2003). pp.53-68.
8. Firesmith, D.; Specifying Reusable Security Requirements, Journal of Object Technology. Vol. 3 (1), January-February. (2004). pp.61-75.
9. Fuggetta, A.; Software process: a roadmap, ICSE 2000, 22nd International Conference on Software Engineering, Future of Software Engineering. Limerick Ireland. (2000). pp.25-34.
10. Hermann, G. and Pernul, G.; Viewing Business Process Security from Different Perspectives, 11th International Bled Electronic Commerce Conference. Slovenia. (1998). pp.89-103.
11. Jacobson, I., Booch, G. and Rumbaugh, J., El proceso unificado de desarrollo de software, (2000). 464 p.
12. Jürjens, J., Secure Systems Development with UML, Springer Verlag, (2004). 309 p.
13. Kalnins, A., Barzdins, J. and Celms, E.; UML Business Modeling Profile, Thirteenth International Conference on Information Systems Development, Advances in Theory, Practice and Education. Vilnius, Lithuania. (2004). pp.182-194.
14. List, B. and Korherr, B.; A UML 2 Profile for Business Process Modelling, 1st International Workshop on Best Practices of UML (BP-UML 2005) at ER-2005. Klagenfurt, Austria. (2005).
15. Lodderstedt, T., Basin, D. and Doser, J.; SecureUML: A UML-Based Modeling Language for Model-Driven Security, The Unified Modeling Language, 5th International Conference. Vol. 2460. Dresden, Germany. (2002). pp.426-441.
16. Lopez, J., Montenegro, J. A., Vivas, J. L., Okamoto, E. and Dawson, E.; Specification and design of advanced authentication and authorization services, Computer Standards & Interfaces. Vol. 27 (5). (2005). pp.467-478.
17. Maña, A., Montenegro, J. A., Rudolph, C. and Vivas, J. L.; A business process-driven approach to security engineering, 14th. International Workshop on Database and Expert Systems Applications (DEXA). Prague, Czech Republic. (2003). pp.477-481.
18. Maña, A., Ray, D., Sánchez, F. and Yagüe, M. I.; Integrando la Ingeniería de Seguridad en un Proceso de Ingeniería Software, VIII Reunión Española de Criptología y Seguridad de la Información, RECSI. Leganés, Madrid. España. (2004). pp.383-392.
19. Mouratidis, H., Giorgini, P. and Manson, G. A.; When security meets software engineering: a case of modelling secure information systems, Information Systems. Vol. 30 (8). (2005). pp.609-629.
20. Object Management Group; Unified Modeling Language: Superstructure, version 2.0, formal/05-07-04. In http://www.omg.org/docs/formal/05-07-04.pdf. (2005).
21. Pressman, R. S., Software Engineering: A Practitioner's Approach, 6th Edition, (2006). 880 p.
22. Quirchmayr, G.; Survivability and Business Continuity Management, ACSW Frontiers 2004 Workshops. Dunedin, New Zealand. (2004). pp.3-6.
23. Röhm, A. W., Herrmann, G. and Pernul, G.; A Language for Modelling Secure Business Transactions, 15th. Annual Computer Security Applications Conference. Phoenix, Arizona. (1999). pp.22-31.
24. Röhm, A. W., Pernul, G. and Hermann, G.; Modelling Secure and Fair Electronic Commerce, 14th. Annual Computer Security Applications Conference. Scottsdale, Arizona. (1998). pp.155-164.
25. Siponen, M. T.; Analysis of modern IS security development approaches: towards the next generation of social and adaptable ISS methods, Information and Organization. Vol. 15. (2005). pp.339-375.
26. Stefanov, V., List, B. and Korherr, B.; Extending UML 2 Activity Diagrams with Business Intelligence Objects, 7th International Conference on Data Warehousing and Knowledge Discovery (DaWaK2005). Copenhagen, Denmark. (2005).
27. Vivas, J. L., Montenegro, J. A. and Lopez, J.; Towards a Business Process-Driven Framework for security Engineering with the UML, Information Security: 6th International Conference, ISC. Bristol, U.K. (2003). pp.381-395.
28. Zulkernine, M. and Ahamed, S. I., Software Security Engineering: Toward Unifying Software Engineering and Security Engineering, in: Idea Group (Ed.), Enterprise Information Systems Assurance and Systems Security: Managerial and Technical Issues, M. Warkentin & R. Vaughn, 2006, p.215-232.