Secure activity resource coordination: empirical evidence of enhanced security awareness in designing secure business processes

Secure activity resource coordination: empirical evidence of enhanced security awareness in designing secure business processes

0.00 Avg rating0 Votes
Article ID: iaor20097286
Country: United Kingdom
Volume: 17
Issue: 5
Start Page Number: 528
End Page Number: 542
Publication Date: Oct 2008
Journal: European Journal of Information Systems
Authors: , ,
Keywords: computers: information
Abstract:

Systems development methodologies incorporate security requirements as an afterthought in the non–functional requirements of systems. The lack of appropriate access control on information exchange among business activities can leave organizations vulnerable to information assurance threats. The gap between systems development and systems security leads to software development efforts that lack an understanding of security risks. We address the research question: how can we incorporate security as a functional requirement in the analysis and modeling of business processes? This study extends the Semantic approach to Secure Collaborative Inter–Organizational eBusiness Processes in D'Aubeterre et al. (2008). In this study, we develop the secure activity resource coordination (SARC) artifact for a real–world business process. We show how SARC can be used to create business process models characterized by the secure exchange of information within and across organizational boundaries. We present an empirical evaluation of the SARC artifact against the Enriched–Use Case (Siponen et al., 2006) and standard UML–Activity Diagram to demonstrate the utility of the proposed design method.

Reviews

Required fields are marked *. Your email address will not be published.