Enterprise Architecture-Based Risk and Security Modelling and Analysis

被引:5
|
作者
Jonkers, Henk [1 ]
Quartel, Dick A. C. [1 ]
机构
[1] BiZZdesign, POB 321, NL-7500 AN Enschede, Netherlands
来源
GRAPHICAL MODELS FOR SECURITY, GRAMSEC 2016 | 2016年 / 9987卷
关键词
Enterprise architecture; Archimate; Risk and security modelling; Risk analysis;
D O I
10.1007/978-3-319-46263-9_6
中图分类号
TP31 [计算机软件];
学科分类号
081202 ; 0835 ;
摘要
The growing complexity of organizations and the increasing number of sophisticated cyber attacks asks for a systematic and integral approach to Enterprise Risk and Security Management (ERSM). As enterprise architecture offers the necessary integral perspective, including the business and IT aspects as well as the business motivation, it seems natural to integrate risk and security aspects in the enterprise architecture. In this paper we show how the ArchiMate standard for enterprise architecture modelling can be used to support risk and security modelling and analysis throughout the ERSM cycle, covering both risk assessment and security deployment.
引用
收藏
页码:94 / 101
页数:8
相关论文
共 50 条
  • [1] Challenges for Risk and Security Modelling in Enterprise Architecture
    Grov, Gudmund
    Mancini, Federico
    Mestl, Elsie Margrethe Staff
    PRACTICE OF ENTERPRISE MODELING, POEM 2019, 2019, 369 : 215 - 225
  • [2] An Architecture-based Enterprise Planning Process
    Martin, James N
    INCOSE International Symposium, 2015, 25 (01) : 948 - 961
  • [3] Architecture-Based Security or UxVs
    Berzins, Valdis
    NAVAL ENGINEERS JOURNAL, 2020, 132 (02) : 95 - 100
  • [4] Security architecture-based system design
    Schneider, EA
    NEW SECURITY PARADIGM WORKSHOP, PROCEEDINGS, 2000, : 25 - 31
  • [5] Analyzing Enterprise Models Using Enterprise Architecture-Based Ontology
    Sunkle, Sagar
    Kulkarni, Vinay
    Roychoudhury, Suman
    MODEL-DRIVEN ENGINEERING LANGUAGES AND SYSTEMS, 2013, 8107 : 622 - 638
  • [6] Enterprise architecture alignment (an overview of the architecture-based development approach)
    McMullen, B
    TOWARD AN ELECTRONIC PATIENT RECORD '97 - CONFERENCE AND EXPOSITION, PROCEEDINGS, VOLS 1-3, 1997, : B166 - B168
  • [7] An Extensible Framework for Architecture-Based Data Flow Analysis for Information Security
    Boltz, Nicolas
    Hahner, Sebastian
    Gerking, Christopher
    Heinrich, Robert
    SOFTWARE ARCHITECTURE: ECSA 2023 TRACKS, WORKSHOPS, AND DOCTORAL SYMPOSIUM, ECSA 2023, CASA 2023, AMP 2023, FAACS 2023, DEMESSA 2023, QUALIFIER 2023, TWINARCH 2023, 2024, 14590 : 342 - 358
  • [8] Architecture-Based Attack Path Analysis for Identifying Potential Security Incidents
    Walter, Maximilian
    Heinrich, Robert
    Reussner, Ralf
    SOFTWARE ARCHITECTURE, ECSA 2023, 2023, 14212 : 37 - 53
  • [9] ARCHITECTURE-BASED NETWORK SIMULATION FOR CYBER SECURITY
    Hamilton, John A., Jr.
    2013 WINTER SIMULATION CONFERENCE (WSC), 2013, : 2914 - 2922
  • [10] Improving Testing in an Enterprise SOA with an Architecture-based Approach
    Buchgeher, Georg
    Klammer, Claus
    Heider, Wolfgang
    Schuetz, Martin
    Huber, Heinz
    2016 13TH WORKING IEEE/IFIP CONFERENCE ON SOFTWARE ARCHITECTURE (WICSA), 2016, : 231 - 240
12345