dc.creator | Varela Vaca, Ángel Jesús | es |
dc.creator | Martínez Gasca, Rafael | es |
dc.creator | Jiménez Ramírez, Andrés | es |
dc.date.accessioned | 2017-09-07T09:53:09Z | |
dc.date.available | 2017-09-07T09:53:09Z | |
dc.date.issued | 2011 | |
dc.identifier.citation | Varela Vaca, Á.J., Martínez Gasca, R. y Jiménez Ramírez, A. (2011). A Model-Driven Engineering approach with Diagnosis of Non-Conformance of Security Objectives in Business Process Models. En RCIS 2011: Fifth International Conference on Research Challenges in Information Science Gosier, France: IEEE Computer Society. | |
dc.identifier.isbn | 978-1-4244-8670-0 | es |
dc.identifier.issn | 2151-1349 | es |
dc.identifier.uri | http://hdl.handle.net/11441/64248 | |
dc.description.abstract | Several reports indicate that the highest business
priorities include: business improvement, security, and IT management.
The importance of security and risk management is
gaining that even government statements in some cases have
imposed the inclusion of security and risk management within
business management. Risk assessment has become an essential
mechanism for business security analysts, since it allows the
identification and evaluation of any threats, vulnerabilities, and
risks to which organizations maybe be exposed. In this work, a
framework based on the concepts of Model-Driven Development
has been proposed. The framework provides different stages
which range from a high abstraction level to an executable level.
The main contribution lie in the presentation of an extension of
a business process meta-model which includes risk information
based on standard approaches. The meta-model provides necessary
characteristics for the risk assessment of business process
models at an abstract level of the approach. The framework has
been equipped with specific stages for the automatic validation of
business processes using model-based diagnosis which permits the
detection of the non-conformance of security objectives specified.
The validation stages ensure that business processes are correct
with regard to the objectives specified by the customer before
they are transformed into executable processes. | es |
dc.description.sponsorship | Junta de Andalucía P08-TIC-04095 | es |
dc.description.sponsorship | Ministerio de Ciencia e Innovación TIN2009-13714 | es |
dc.format | application/pdf | es |
dc.language.iso | eng | es |
dc.publisher | IEEE Computer Society | es |
dc.rights | Attribution-NonCommercial-NoDerivatives 4.0 Internacional | * |
dc.rights.uri | http://creativecommons.org/licenses/by-nc-nd/4.0/ | * |
dc.subject | Business Process | es |
dc.subject | Risk management | es |
dc.subject | Risk assessment | es |
dc.subject | Security requirement | es |
dc.subject | Conformance | es |
dc.title | A Model-Driven Engineering approach with Diagnosis of Non-Conformance of Security Objectives in Business Process Models | es |
dc.type | info:eu-repo/semantics/conferenceObject | es |
dcterms.identifier | https://ror.org/03yxnpp24 | |
dc.type.version | info:eu-repo/semantics/submittedVersion | es |
dc.rights.accessRights | info:eu-repo/semantics/openAccess | es |
dc.contributor.affiliation | Universidad de Sevilla. Departamento de Lenguajes y Sistemas Informáticos | es |
dc.relation.projectID | P08-TIC-04095 | es |
dc.relation.projectID | TIN2009-13714 | es |
dc.relation.publisherversion | http://ieeexplore.ieee.org/document/6006844/ | es |
dc.identifier.doi | 10.1109/RCIS.2011.6006844 | es |
idus.format.extent | 6 | es |
dc.eventtitle | RCIS 2011: Fifth International Conference on Research Challenges in Information Science | es |
dc.eventinstitution | Gosier, France | es |
dc.relation.publicationplace | New York, USA | es |
dc.contributor.funder | Junta de Andalucía | |
dc.contributor.funder | Ministerio de Ciencia e Innovación (MICIN). España | |