DocumentCode :
3716731
Title :
A Cyber Security Ontology for BPMN-Security Extensions
Author :
Curtis L. Maines;David Llewellyn-Jones;Stephen Tang;Bo Zhou
Author_Institution :
Dept. of Comput. Sci., Liverpool John Moores Univ., Liverpool, UK
fYear :
2015
Firstpage :
1756
Lastpage :
1763
Abstract :
Every so often a paper is published presenting a new extension for modelling cyber security requirements in Business Process Model and Notation (BPMN). The frequent production of new extensions by experts belies the need for a richer and more expressive representation of security requirements in BPMN processes. One reason for this is that current extensions focus on only specific areas and so fail to provide adequate coverage of the cyber security domain. In this paper, we present our work considering an analysis of existing extensions and identify the security concepts used within each of them. We discuss how there is as yet no single extension which covers a comprehensive range of cyber security concepts. Consequently there is no adequate solution for accurately specifying cyber security requirements within BPMN. In order to address this, we propose a new comprehensive ontology which includes all concepts potentially modellable in BPMN related to cyber security. We explain how this ontology can be used as the basis for developing future BPMN-security extensions, and explore the challenges that must be overcome in order to develop a representation that is both effective and with adequate coverage of security requirements.
Keywords :
"Business","Computer security","Ontologies","Privacy","Authorization"
Publisher :
ieee
Conference_Titel :
Computer and Information Technology; Ubiquitous Computing and Communications; Dependable, Autonomic and Secure Computing; Pervasive Intelligence and Computing (CIT/IUCC/DASC/PICOM), 2015 IEEE International Conference on
Type :
conf
DOI :
10.1109/CIT/IUCC/DASC/PICOM.2015.265
Filename :
7363310
Link To Document :
بازگشت