Assessing risks and opportunities in enterprise architecture using an extended adt approach

Proceedings - IEEE International Enterprise Distributed Object Computing Workshop, EDOC

Volumn , Issue , 2013, Pages 81-90

  Sousa, Sergio ^a   Marosin, Diana ^a,b   Gaaloul, Khaled ^a   Mayer, Nicolas ^a  

^a P and T Luxembourg ^*  (Luxembourg)

^b RADBOUD UNIVERSITY NIJMEGEN   (Netherlands)

Author keywords

ADT; Enterprise architecture; opportunities assessment; profits; risk management

Indexed keywords

INDUSTRY; PROFITABILITY; RISK MANAGEMENT; SECURITY OF DATA;

ADT; ARCHITECTURAL PRINCIPLES; ENTERPRISE ARCHITECTURE; ENTERPRISE DESIGN; INSURANCE SECTORS; OPPORTUNITIES ASSESSMENT; QUANTITATIVE RISK ANALYSIS; RISK MITIGATION;

RISK ASSESSMENT;

EID: 84892546915     PISSN: 15417719     EISSN: None     Source Type: Conference Proceeding    
DOI: 10.1109/EDOC.2013.18     Document Type: Conference Paper

References (28)

1. M. Op 't Land, H. Proper, M.Waage, J. Cloo, and C. Steghuis, Enterprise Architecture-Creating Value by Informed Governance, ser. The EE Series. Springer, 2008.
2. J. L. G. Dietz, A. Albani, and J. Barjis, Eds., Advances in EE I, 4th International Workshop CIAO! and 4th International Workshop EOMAS, held at CAiSE 2008, Montpellier, France, June 16-17, 2008. Proc., ser. LNBIP, vol. 10. Springer, 2008.
3. R. Wieringa, P. v. Eck, C. Steghuis, and H. Proper, Competences of IT Architects. The Hague, Netherlands: Academic Service-SDU, 2008. [Online]. Available: http://www.sdu.nl/catalogus/9789012580878
4. The Open Group, TOGAF Version 9. Van Haren Publishing, Zaltbommel, The Netherlands, 2009.
5. Object Management Group, "Business Motivation Model (BMM) Specification," Needham, Massachusetts, Tech. Rep. dtc/06-08-03, August 2006.
6. Washington State Department of Transportation, "Project Risk Management Guidance for WSDOT Projects," Tech. Rep., July 2010.
7. B. Kordy, S. Mauw, M. Melissen, and P. Schweitzer, "Attackdefense trees and two-player binary zero-sum extensive form games are equivalent," in Proc. of the First international conference on Decision and game theory for security, ser. GameSec'10. Springer, 2010, pp. 245-256.
8. S. Mauw and M. Oostdijk, "Foundations of attack trees," in International Conference on Information Security and Cryptology ICISC 2005. LNCS 3935. Springer, 2005, pp. 186-198.
9. S. Bistarelli, M. Dall'Aglio, and P. Peretti, "Strategic games on defense trees," in Proc. of the 4th international conference on Formal aspects in security and trust, ser. FAST'06. Springer, 2007, pp. 1-15.
10. S. Bistarelli, F. Fioravanti, and P. Peretti, "Defense trees for economic evaluation of security investments," in ARES, 2006, pp. 416-423.
11. M. M. Lankhorst, Enterprise Architecture at Work-Modelling, Communication and Analysis (4. ed.), ser. The EE Series. Springer, 2013.
12. H. Jonkers, M. Lankhorst, R. v. Buuren, S. Hoppenbrouwers, M. Bonsangue, and L. Van der Torre, "Concepts for Modeling Enterprise Architectures," International Journal of Cooperative Information Systems, vol. 13, no. 3, pp. 257-288, 2004.
13. D. Greefhorst and H. Proper, Architecture Principles-The Cornerstones of Enterprise Architecture, ser. The EE Series. Springer, 2011.
14. A. Osterwalder and Y. Pigneur, Business Model Generation: A Handbook for Visionaries, Game Changers, and Challengers. Amsterdam, The Netherlands: Self Published, 2009.
15. W. Engelsman, H. Jonkers, and D. Quartel, "ArchiMate Extention for Modeling and Managing Motivation, Principles and Requirements in TOGAF," The Open Group, White paper, August 2010.
16. The Open Group-TOGAF Version 9. Van Haren Publishing, Zaltbommel, The Netherlands, 2009.
17. J. Cummins and N. Doherty, "The economics of insurance intermediaries," The Journal of Risk and Insurance, vol. 73, no. 3, pp. 359-396, 2006.
18. H. Jonkers, I. Band, and D. Quartel, "The ArchiSurance Case Study," The Open Group, White Paper, Spring 2012.
19. ISO 31000, Risk management Principles and guidelines. Geneva: International Organization for Standardization, 2009.
20. ISO 31010, Risk management Risk assessment techniques. Geneva: International Organization for Standardization, 2009.
21. N. Mayer, "Model-based management of information system security risk," Ph.D. dissertation, University of Namur, 2009.
22. R. Matulevicius, N. Mayer, and P. Heymans, "Alignment of misuse cases with security risk management," in Proceedings of the 4th Symposium on Requirements Engineering for Information Security (SREIS'08), in conjunction with the 3rd International Conference of Availability, Reliability and Security (ARES'08). IEEE Computer Society, 2008, p. 13971404.
23. M. J. M. Chowdhury, R. Matulevicius, G. Sindre, and P. Karpati, "Aligning mal-activity diagrams and security risk management for security requirements definitions," in Requirements Engineering: Foundation for Software Quality, ser. LNCS, B. Regnell and D. Damian, Eds. Springer, Jan. 2012, no. 7195, pp. 132-139.
24. O. Altuhhova and R. Matulevicius, "Security risk management using business process modelling notations." [Online]. Available: http://comserv.cs.ut.ee/forms/ati report/downloader. php?file= 2d9492b162c11041043eb586b08b45d5524ad9fe
25. R. Matulevicius, N. Mayer, H. Mouratidis, E. Dubois, P. Heymans, and N. Genon, "Adapting secure tropos for security risk management during early phases of the information systems development," in Proceedings of the 20th International Conference on Advanced Information Systems Engineering (CAiSE '08). Springer, 2008, pp. 541-555.
26. Y. Asnar and P. Giorgini, "Modelling risk and identifying countermeasure in organizations." Samos Island, Greece, 30/08/2006 2006.
27. P. Bresciani, A. Perini, P. Giorgini, F. Giunchiglia, and J. Mylopoulos, "Tropos: An agent-oriented software development methodology," Autonomous Agents and Multi-Agent Systems, vol. 8, no. 3, pp. 203-236, May 2004.
28. H. Jonkers, H. Proper, and M. Turner, "TOGAF and Archi-Mate: A Future Together," The Open Group, White Paper W192, November 2009.