Ver ítem 

Mostrar el registro sencillo del ítem

Artículo

Opened Access
Formalization of security patterns as a means to infer security controls in business processes

dc.creatorVarela Vaca, Ángel Jesúses
dc.creatorMartínez Gasca, Rafaeles
dc.date.accessioned2022-11-16T11:33:47Z
dc.date.available2022-11-16T11:33:47Z
dc.date.issued2015
dc.identifier.citationVarela Vaca, Á.J. y Martínez Gasca, R. (2015). Formalization of security patterns as a means to infer security controls in business processes. Logic Journal of the IGPL, 23 (1), 57-72. https://doi.org/10.1093/jigpal/jzu042.
dc.identifier.issn1367-0751es
dc.identifier.issn1368-9894es
dc.identifier.urihttps://hdl.handle.net/11441/139505
dc.description.abstractThe growing trend towards the automation and externalization of business processes by means of Technology Infrastructure (TI), such as Business Process Management Systems, has increased the security risks in the organizations. In the majority of cases, the issue of security is overlooked by default in these systems. Therefore, the early selection and implementation of security controls that mitigate risks is a real and crucial need. Nevertheless, there exists an enormous range of IT security controls and their configuration is a human, manual, time-consuming and error-prone task. In addition, security controls are implemented out separately from the organization perspective and involve many stakeholders. This separation makes difficult to ensure the effectiveness of these controls with regard to organizational requirements. In this article, we propose a formalization of security controls based on security pattern templates and feature models. This formalization allows applying feature domain-oriented analysis and constraint programming techniques for the automatic inference, selection and generation of optimal security controls with regard to single and multiple business objectiveses
dc.description.sponsorshipJunta de Andalucía P08-TIC-04095es
dc.description.sponsorshipMinisterio de Educación y Ciencia TIN2009-13714es
dc.formatapplication/pdfes
dc.format.extent16es
dc.language.isoenges
dc.publisherOxford University Presses
dc.relation.ispartofLogic Journal of the IGPL, 23 (1), 57-72.
dc.rightsAttribution-NonCommercial-NoDerivatives 4.0 Internacional*
dc.rights.urihttp://creativecommons.org/licenses/by-nc-nd/4.0/*
dc.subjectBusiness processes
dc.subjectSecurity patternses
dc.subjectFeature modeles
dc.subjectConstraint programminges
dc.subjectOptimizationes
dc.titleFormalization of security patterns as a means to infer security controls in business processeses
dc.typeinfo:eu-repo/semantics/articlees
dcterms.identifierhttps://ror.org/03yxnpp24
dc.type.versioninfo:eu-repo/semantics/submittedVersiones
dc.rights.accessRightsinfo:eu-repo/semantics/openAccesses
dc.contributor.affiliationUniversidad de Sevilla. Departamento de Lenguajes y Sistemas Informáticoses
dc.relation.projectIDP08-TIC-04095es
dc.relation.projectIDTIN2009-13714es
dc.relation.publisherversionhttps://academic.oup.com/jigpal/article/23/1/57/685166es
dc.identifier.doi10.1093/jigpal/jzu042es
dc.contributor.groupUniversidad de Sevilla. TIC-258: Data-centric Computing Research Hubes
dc.journaltitleLogic Journal of the IGPLes
dc.publication.volumen23es
dc.publication.issue1es
dc.publication.initialPage57es
dc.publication.endPage72es
dc.contributor.funderJunta de Andalucíaes
dc.contributor.funderMinisterio de Educación y Ciencia (MEC). Españaes

FicherosTamañoFormatoVerDescripción
Formalization of security patterns ...738.3KbIcon   [PDF] Ver/Abrir  

Este registro aparece en las siguientes colecciones

Mostrar el registro sencillo del ítem

Attribution-NonCommercial-NoDerivatives 4.0 Internacional
Excepto si se señala otra cosa, la licencia del ítem se describe como: Attribution-NonCommercial-NoDerivatives 4.0 Internacional