Eliciting Security Requirements for Business Processes of Legacy Systems

被引:6
|
作者
Argyropoulos, Nikolaos [1 ]
Marquez Alcaniz, Luis [2 ]
Mouratidis, Haralambos [1 ]
Fish, Andrew [1 ]
Rosado, David G. [3 ]
Garcia-Rodriguez de Guzman, Ignacio [3 ]
Fernandez-Medina, Eduardo [3 ]
机构
[1] Univ Brighton, Watts Bldg,Lewes Rd, Brighton BN2 4GJ, E Sussex, England
[2] Spanish Natl Author Markets & Competit CNMC, Madrid, Spain
[3] Univ Castilla La Mancha, E-13071 Ciudad Real, Spain
来源
PRACTICE OF ENTERPRISE MODELING, POEM 2015 | 2015年 / 235卷
关键词
Legacy systems; Business process modelling; Goal-oriented security requirements; Secure Tropos; BPMN; MARBLE; INFORMATION-SYSTEMS; MANAGEMENT; DESIGN; MODELS;
D O I
10.1007/978-3-319-25897-3_7
中图分类号
TP [自动化技术、计算机技术];
学科分类号
0812 ;
摘要
The modernisation of enterprise legacy systems, without compromises in their functionality, is a demanding and time consuming endeavour. To retain the underlying business behaviour during their modernisation, the MARBLE TM framework has been developed for the extraction of business process models from their source code. Building on top of that work, in this paper we propose an integrated approach for transforming the extracted legacy process models into Secure Tropos goal models. Such models facilitate the elicitation of security requirements in a high level of abstraction, which are then incorporated back into the process models of the modernised systems as security features. Therefore high level models can be derived from legacy source code with minimal manual intervention, where security can be elaborated by nontechnical stakeholders in alignment with organisational objectives.
引用
收藏
页码:91 / 107
页数:17
相关论文
共 50 条
  • [31] An Intelligent System to Assessing Information Systems Security Risks in Electronic Business
    Feng, Nan
    Xie, Jing
    Chang, Peng
    2012 INTERNATIONAL SYMPOSIUM ON INFORMATION SCIENCE AND ENGINEERING (ISISE), 2012, : 303 - 306
  • [32] Gamification Strategies for Eliciting Software Requirements
    Gasca-Hurtado, Gloria Piedad
    Vega-Zepeda, Vianca
    Machuca-Villegas, Liliana
    TRENDS AND APPLICATIONS IN INFORMATION SYSTEMS AND TECHNOLOGIES, VOL 3, 2021, 1367 : 461 - 472
  • [33] BUSINESS PROCESSES MANAGEMENT AS SUPPORT TOOL IN THE INFORMATION SECURITY MANAGEMENT
    Della Flora, Fernando
    Tolfo, Cristiano
    REVISTA GEINTEC-GESTAO INOVACAO E TECNOLOGIAS, 2016, 6 (01): : 2756 - 2770
  • [34] An Experimental Study on the Design and Modeling of Security Concepts in Business Processes
    Leitner, Maria
    Schefer-Wenzl, Sigrid
    Rinderle-Ma, Stefanie
    Strembeck, Mark
    PRACTICE OF ENTERPRISE MODELING, POEM 2013, 2013, 165 : 236 - 250
  • [35] Requirements Elicitation Based on Inception Deck and Business Processes Models in Scrum
    Pastrana, Manuel
    Ordonez, Hugo
    Ordonez, Armando
    Merchan, Luis
    ADVANCES IN COMPUTING, CCC 2017, 2017, 735 : 327 - 339
  • [36] Eliciting user requirements using Appreciative inquiry
    Gonzales, Carol K.
    Leroy, Gondy
    EMPIRICAL SOFTWARE ENGINEERING, 2011, 16 (06) : 733 - 772
  • [37] Information Systems with Internal Control on Business Processes
    Marques, Rui Pedro
    Santos, Carlos
    2016 11TH IBERIAN CONFERENCE ON INFORMATION SYSTEMS AND TECHNOLOGIES (CISTI), 2016,
  • [38] BOAM: A Business Oriented Identification Approach of Microservices Within Legacy Systems
    Mahmoudi, Brahim
    Trabelsi, Imen
    Tamzalit, Dalila
    Moha, Naouel
    Gueheneuc, Yann-Gael
    SERVICE-ORIENTED COMPUTING, ICSOC 2024, PT II, 2025, 15405 : 123 - 137
  • [39] Eliciting End Users Requirements Of A Supportive System For Tacit Knowledge Management Processes In Value Networks: A Delphi Study
    Bagheri, Samaneh
    Kusters, Rob J.
    Trienekens, Jos J. M.
    2017 INTERNATIONAL CONFERENCE ON ENGINEERING, TECHNOLOGY AND INNOVATION (ICE/ITMC), 2017, : 1317 - 1326
  • [40] Requirements analysis gamification in legacy system replacement projects
    Alexandrova, Assia
    Rapanotti, Lucia
    REQUIREMENTS ENGINEERING, 2020, 25 (02) : 131 - 151
12345