Eliciting Security Requirements for Business Processes of Legacy Systems

被引：6

作者：

Argyropoulos, Nikolaos ^{[1
]}

Marquez Alcaniz, Luis ^{[2
]}

Mouratidis, Haralambos ^{[1
]}

Fish, Andrew ^{[1
]}

Rosado, David G. ^{[3
]}

Garcia-Rodriguez de Guzman, Ignacio ^{[3
]}

Fernandez-Medina, Eduardo ^{[3
]}

机构：

[1] Univ Brighton, Watts Bldg,Lewes Rd, Brighton BN2 4GJ, E Sussex, England

[2] Spanish Natl Author Markets & Competit CNMC, Madrid, Spain

[3] Univ Castilla La Mancha, E-13071 Ciudad Real, Spain

来源：

PRACTICE OF ENTERPRISE MODELING, POEM 2015 | 2015年 / 235卷

关键词：

Legacy systems; Business process modelling; Goal-oriented security requirements; Secure Tropos; BPMN; MARBLE; INFORMATION-SYSTEMS; MANAGEMENT; DESIGN; MODELS;

D O I：

10.1007/978-3-319-25897-3_7

中图分类号：

TP [自动化技术、计算机技术];

学科分类号：

0812 ;

摘要：

The modernisation of enterprise legacy systems, without compromises in their functionality, is a demanding and time consuming endeavour. To retain the underlying business behaviour during their modernisation, the MARBLE TM framework has been developed for the extraction of business process models from their source code. Building on top of that work, in this paper we propose an integrated approach for transforming the extracted legacy process models into Secure Tropos goal models. Such models facilitate the elicitation of security requirements in a high level of abstraction, which are then incorporated back into the process models of the modernised systems as security features. Therefore high level models can be derived from legacy source code with minimal manual intervention, where security can be elaborated by nontechnical stakeholders in alignment with organisational objectives.

引用

页码：91 / 107

页数：17

共 50 条

[41] A Roadmap for Upgrading Unupgradable Legacy Processes in Inter-Organizational Middleware Systems A Doctoral Research
Jrad, Radhouane B. N.
2014 IEEE EIGHTH INTERNATIONAL CONFERENCE ON RESEARCH CHALLENGES IN INFORMATION SCIENCE (RCIS), 2014,
[42] Securing business processes using security risk-oriented patterns
Ahmed, Naved
Matulevicius, Raimundas
COMPUTER STANDARDS & INTERFACES, 2014, 36 (04) : 723 - 733
[43] Identifying Business Rules to Legacy Systems Reengineering Based on BPM and SOA
do Nascimento, Gleison S.
Iochpe, Cirano
Thom, Lucineia
Kalsing, Andre C.
Moreira, Alvaro
COMPUTATIONAL SCIENCE AND ITS APPLICATIONS - ICCSA 2012, PT IV, 2012, 7336 : 67 - 82
[44] Modeling of Security Fault-Tolerant Requirements for Secure Systems
Pathirage, Don
Shin, Michael
Jang, Dongsoo
INTERNATIONAL JOURNAL OF SOFTWARE ENGINEERING AND KNOWLEDGE ENGINEERING, 2023, 33 (01) : 23 - 53
[45] Detecting Conflicts Between Data-Minimization and Security Requirements in Business Process Models
Ramadan, Qusai
Strueber, Daniel
Salnitri, Mattia
Riediger, Volker
Juerjens, Jan
MODELLING FOUNDATIONS AND APPLICATIONS (ECMFA 2018), 2018, 10890 : 179 - 198
[46] Obtaining secure business process models from an enterprise architecture considering security requirements
San Martin, Luis
Rodriguez, Alfonso
Caro, Angelica
Velasquez, Ignacio
BUSINESS PROCESS MANAGEMENT JOURNAL, 2022, 28 (01) : 150 - 177
[47] Information systems driving IT alignment to business strategy: The IT security cases
Frigerio, Chiara
Rajola, Federico
Santuccio, Alessia
WMSCI 2006: 10TH WORLD MULTI-CONFERENCE ON SYSTEMICS, CYBERNETICS AND INFORMATICS, VOL VI, PROCEEDINGS, 2006, : 266 - +
[48] On-the-fly Collaboration for Legacy Business Process Systems in An Open Service Environment
Ye, Lin
Zhu, Biqi
Hu, Chenglong
Zhang, Liang
Truong, Hong-Linh
2019 IEEE INTERNATIONAL CONFERENCE ON WEB SERVICES (IEEE ICWS 2019), 2019, : 393 - 397
[49] Reliability of AAL Systems Modeled as BPMN Business Processes
Respicio, Ana
Martinho, Ricardo
Domingos, Dulce
ENTERPRISE INFORMATION SYSTEMS, ICEIS 2016, 2017, 291 : 535 - 550
[50] Challenges in migrating legacy software systems to the cloud an empirical study
Gholami, Mahdi Fahmideh
Daneshgar, Farhad
Beydoun, Ghassan
Rabhi, Fethi
INFORMATION SYSTEMS, 2017, 67 : 100 - 113

← 1 2 3 4 5 →