Assessing business process security: A service-oriented approach

Ernesto Damiani, Mariagrazia Fugini, Karl Reed

Research output: Chapter in Book/Report/Conference proceedingConference contributionpeer-review

1 Scopus citations

Abstract

The aim of this paper is to present some preliminary ideas about practical metrics and measurements useful for (i) assessing business process risk at design time and (ii) computing security and trust metrics at run time on business process orchestrations. In particular, the study is focused on a priori metrics applied to behavioral specifications of business processes (e.g., business rules and UML 2.0 /UMM diagrams) and to run-time metrics applied to the high-level eservices composing them. Design-time metrics deal with the risk connected to information leaking (including privacy-related concerns) and to other disclosure threats, while run-time service-oriented metrics regard security as a Quality of Service, and therefore include factors like trustworthiness, completeness, and correctness of the services composing the business process when deployed on a Service Oriented Architecture (SOA).

Original languageBritish English
Title of host publicationAssociation for Information Systems - 13th Americas Conference on Information Systems, AMCIS 2007
Subtitle of host publicationReaching New Heights
Pages4342-4350
Number of pages9
StatePublished - 2007
Event13th Americas Conference on Information Systems, AMCIS 2007 - Keystone, CO, United States
Duration: 10 Aug 200712 Aug 2007

Publication series

NameAssociation for Information Systems - 13th Americas Conference on Information Systems, AMCIS 2007: Reaching New Heights
Volume6

Conference

Conference13th Americas Conference on Information Systems, AMCIS 2007
Country/TerritoryUnited States
CityKeystone, CO
Period10/08/0712/08/07

Fingerprint

Dive into the research topics of 'Assessing business process security: A service-oriented approach'. Together they form a unique fingerprint.

Cite this