Eliciting Security Requirements for Business Processes of Legacy Systems

被引：6

作者：

Argyropoulos, Nikolaos ^{[1
]}

Marquez Alcaniz, Luis ^{[2
]}

Mouratidis, Haralambos ^{[1
]}

Fish, Andrew ^{[1
]}

Rosado, David G. ^{[3
]}

Garcia-Rodriguez de Guzman, Ignacio ^{[3
]}

Fernandez-Medina, Eduardo ^{[3
]}

机构：

[1] Univ Brighton, Watts Bldg,Lewes Rd, Brighton BN2 4GJ, E Sussex, England

[2] Spanish Natl Author Markets & Competit CNMC, Madrid, Spain

[3] Univ Castilla La Mancha, E-13071 Ciudad Real, Spain

来源：

PRACTICE OF ENTERPRISE MODELING, POEM 2015 | 2015年 / 235卷

关键词：

Legacy systems; Business process modelling; Goal-oriented security requirements; Secure Tropos; BPMN; MARBLE; INFORMATION-SYSTEMS; MANAGEMENT; DESIGN; MODELS;

D O I：

10.1007/978-3-319-25897-3_7

中图分类号：

TP [自动化技术、计算机技术];

学科分类号：

0812 ;

摘要：

The modernisation of enterprise legacy systems, without compromises in their functionality, is a demanding and time consuming endeavour. To retain the underlying business behaviour during their modernisation, the MARBLE TM framework has been developed for the extraction of business process models from their source code. Building on top of that work, in this paper we propose an integrated approach for transforming the extracted legacy process models into Secure Tropos goal models. Such models facilitate the elicitation of security requirements in a high level of abstraction, which are then incorporated back into the process models of the modernised systems as security features. Therefore high level models can be derived from legacy source code with minimal manual intervention, where security can be elaborated by nontechnical stakeholders in alignment with organisational objectives.

引用

页码：91 / 107

页数：17

共 38 条

[1]

[Anonymous], 2012, 19506 ISOIEC

[2]

[Anonymous], 2014, PROC RCIS 14

[3]

Bernardi ML, 2008, CSMR 2008: 12TH EUROPEAN CONFERENCE ON SOFTWARE MAINTENANCE AND REENGINEERING, P290

[4] Legacy information systems: Issues and directions [J].

Bisbal, J ;

Lawless, D ;

Wu, B ;

Grimson, J .

IEEE SOFTWARE, 1999, 16 (05) :103-111

[5]

Bisbal J., 1997, TECHNICAL REPORT

[6]

BPIE, 2011, EUROPE'S BUILDINGS UNDER THE MICROSCOPE A country-by-country review of the energy performance of buildings

[7] Dynamic Analysis of SQL Statements for Data-Intensive Applications Reverse Engineering [J].

Cleve, Anthony ;

Hainaut, Jean-Luc .

FIFTEENTH WORKING CONFERENCE ON REVERSE ENGINEERING, PROCEEDINGS, 2008, :192-196

[8]

Decreus K, 2011, LECT NOTES BUS INF P, V72, P29

[9]

Fernandez-Ropero M, 2013, 3 INT S DAT DRIV PRO, P16

[10]

Fernandez-Ropero M., 2013, P 28 ANN ACM S APPL, P1397, DOI [10.1145/2480362.2480625, DOI 10.1145/2480362.2480625]

← 1 2 3 4 →