From Secure Business Process Models to Secure Artifact-Centric Specifications

By Mattia Salnitri, Achim D. Brucker, and Paolo Giorgini.

Making todays’ systems secure is an extremely difficult and challenging problem. Socio and technical issues interplay and contribute in creating vulnerabilities that cannot be easily prevented without a comprehensive engineering method. This paper presents a novel approach to support process-aware secure systems modeling and automated generation of secure artifact-centric implementations. It combines social and technical perspectives in developing secure complex systems. This work is the result of an academic and industrial collaboration, where SecBPMN2, a research prototype, has been integrated with SAP River, an industrial artifact-centric language.

Keywords:
SecBPMN2, BPMN, Artifact-Centric language, Business Process Models, Security, Socio-Technical Systems, Process-Driven Systems

Please cite this work as follows:
M. Salnitri, A. D. Brucker, and P. Giorgini, “From secure business process models to secure artifact-centric specifications,” in Enterprise, business-process and information systems modeling BPMDS, 2015, pp. 246–262. doi: 10.1007/978-3-319-19237-6_16. Author copy: https://logicalhacking.com/publications/salnitri.ea-river-2015/

BibTeX
@InProceedings{ salnitri.ea:river:2015,
  author    = {Mattia Salnitri and Achim D. Brucker and Paolo Giorgini},
  editor    = {Gaaloul, K. and Schmidt, R. and Nurcan, S. and Guerreiro, S.
               and Ma, Q.},
  title     = {From Secure Business Process Models to Secure
               Artifact-Centric Specifications},
  booktitle = {Enterprise, Business-Process and Information Systems Modeling
               {BPMDS}},
  series    = {Lecture Notes in Business Information Processing},
  publisher = {Springer-Verlag },
  year      = {2015},
  number    = {214},
  pages     = {246--262},
  doi       = {10.1007/978-3-319-19237-6_16},
  keywords  = {SecBPMN2, BPMN, Artifact-Centric language, Business Process
               Models, Security, Socio-Technical Systems, Process-Driven
               Systems},
  areas     = {security, software},
  abstract  = {Making todays' systems secure is an extremely difficult and
               challenging problem. Socio and technical issues interplay and
               contribute in creating vulnerabilities that cannot be easily
               prevented without a comprehensive engineering method. This
               paper presents a novel approach to support process-aware
               secure systems modeling and automated generation of secure
               artifact-centric implementations. It combines social and
               technical perspectives in developing secure complex systems.
               This work is the result of an academic and industrial
               collaboration, where SecBPMN2, a research prototype, has been
               integrated with SAP River, an industrial artifact-centric
               language.},
  note      = {Author copy: \url{https://logicalhacking.com/publications/salnitri.ea-river-2015/}},
  pdf       = {https://logicalhacking.com/publications/salnitri.ea-river-2015/salnitri.ea-river-2015.pdf},
}