
By Mattia Salnitri, Achim D. Brucker, and Paolo Giorgini.
Making todays’ systems secure is an extremely difficult and challenging problem. Socio and technical issues interplay and contribute in creating vulnerabilities that cannot be easily prevented without a comprehensive engineering method. This paper presents a novel approach to support process-aware secure systems modeling and automated generation of secure artifact-centric implementations. It combines social and technical perspectives in developing secure complex systems. This work is the result of an academic and industrial collaboration, where SecBPMN2, a research prototype, has been integrated with SAP River, an industrial artifact-centric language.
Keywords: SecBPMN2, BPMN, Artifact-Centric language, Business Process Models, Security, Socio-Technical Systems, Process-Driven Systems
Please cite this work as follows: M. Salnitri, A. D. Brucker, and P. Giorgini, “From secure business process models to secure artifact-centric specifications,” in Enterprise, business-process and information systems modeling BPMDS, 2015, pp. 246–262. doi: 10.1007/978-3-319-19237-6_16. Author copy: https://logicalhacking.com/publications/salnitri.ea-river-2015/
@InProceedings{ salnitri.ea:river:2015,
author = {Mattia Salnitri and Achim D. Brucker and Paolo Giorgini},
editor = {Gaaloul, K. and Schmidt, R. and Nurcan, S. and Guerreiro, S.
and Ma, Q.},title = {From Secure Business Process Models to Secure
Artifact-Centric Specifications},booktitle = {Enterprise, Business-Process and Information Systems Modeling
{BPMDS}},series = {Lecture Notes in Business Information Processing},
publisher = {Springer-Verlag },
year = {2015},
number = {214},
pages = {246--262},
doi = {10.1007/978-3-319-19237-6_16},
keywords = {SecBPMN2, BPMN, Artifact-Centric language, Business Process
Models, Security, Socio-Technical Systems, Process-Driven
Systems},areas = {security, software},
abstract = {Making todays' systems secure is an extremely difficult and
challenging problem. Socio and technical issues interplay and
contribute in creating vulnerabilities that cannot be easily
prevented without a comprehensive engineering method. This
paper presents a novel approach to support process-aware
secure systems modeling and automated generation of secure
artifact-centric implementations. It combines social and
technical perspectives in developing secure complex systems.
This work is the result of an academic and industrial
collaboration, where SecBPMN2, a research prototype, has been
integrated with SAP River, an industrial artifact-centric
language.},note = {Author copy: \url{https://logicalhacking.com/publications/salnitri.ea-river-2015/}},
pdf = {https://logicalhacking.com/publications/salnitri.ea-river-2015/salnitri.ea-river-2015.pdf},
}