Goal-equivalent secure business process re-engineering
Publikation: Bidrag til tidsskrift › Konferenceartikel › Forskning › fagfællebedømt
Standard
Goal-equivalent secure business process re-engineering. / López, Hugo A.; Massacci, Fabio; Zannone, Nicola.
I: Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics), Bind 4907 LNCS, 23.02.2009, s. 212-223.Publikation: Bidrag til tidsskrift › Konferenceartikel › Forskning › fagfællebedømt
Harvard
APA
Vancouver
Author
Bibtex
}
RIS
TY - GEN
T1 - Goal-equivalent secure business process re-engineering
AU - López, Hugo A.
AU - Massacci, Fabio
AU - Zannone, Nicola
PY - 2009/2/23
Y1 - 2009/2/23
N2 - The introduction of information technologies in health care systems often requires to re-engineer the business processes used to deliver care. Obviously, the new and re-engineered processes are observationally different and thus we cannot use existing model-based techniques to argue that they are somehow "equivalent". In this paper we propose a method for passing from SI, a modeling language for capturing and modeling functional, security, and trust organizational and system requirements, to business process specifications and vice versa. In particular, starting from an old secure business process, we reconstruct the functional and security requirements at organizational level that such a business process was supposed to meet (including the trust relations that existed among the members of the organization). To ensure that the re-engineered business process meets the elicited requirements, we employ a notion of equivalence based on goal-equivalence. Basically, we verify if the execution of the business process, described in terms of the trace it generates, satisfies the organizational model. We motivate and illustrate the method with an e-health case study.
AB - The introduction of information technologies in health care systems often requires to re-engineer the business processes used to deliver care. Obviously, the new and re-engineered processes are observationally different and thus we cannot use existing model-based techniques to argue that they are somehow "equivalent". In this paper we propose a method for passing from SI, a modeling language for capturing and modeling functional, security, and trust organizational and system requirements, to business process specifications and vice versa. In particular, starting from an old secure business process, we reconstruct the functional and security requirements at organizational level that such a business process was supposed to meet (including the trust relations that existed among the members of the organization). To ensure that the re-engineered business process meets the elicited requirements, we employ a notion of equivalence based on goal-equivalence. Basically, we verify if the execution of the business process, described in terms of the trace it generates, satisfies the organizational model. We motivate and illustrate the method with an e-health case study.
UR - http://www.scopus.com/inward/record.url?scp=60349095685&partnerID=8YFLogxK
U2 - 10.1007/978-3-540-93851-4_21
DO - 10.1007/978-3-540-93851-4_21
M3 - Conference article
AN - SCOPUS:60349095685
VL - 4907 LNCS
SP - 212
EP - 223
JO - Lecture Notes in Bioinformatics
JF - Lecture Notes in Bioinformatics
SN - 1611-3349
T2 - International Conference on Service-Oriented Computing, ICSOC 2007
Y2 - 17 September 2007 through 17 September 2007
ER -
ID: 235144886