A Cyber Security Ontology For Bpmn-Security Extensions

CIT/IUCC/DASC/PICOM 2015 IEEE INTERNATIONAL CONFERENCE ON COMPUTER AND INFORMATION TECHNOLOGY - UBIQUITOUS COMPUTING AND COMMUNICATIONS - DEPENDABLE, AUTONOMIC AND SECURE COMPUTING - PERVASIVE INTELLIGENCE AND COMPUTING(2015)

引用 21|浏览14
暂无评分
摘要
Every so often a paper is published presenting a new extension for modelling cyber security requirements in Business Process Model and Notation (BPMN). The frequent production of new extensions by experts belies the need for a richer and more expressive representation of security requirements in BPMN processes. One reason for this is that current extensions focus on only specific areas and so fail to provide adequate coverage of the cyber security domain.In this paper, we present our work considering an analysis of existing extensions and identify the security concepts used within each of them. We discuss how there is as yet no single extension which covers a comprehensive range of cyber security concepts. Consequently there is no adequate solution for accurately specifying cyber security requirements within BPMN. In order to address this, we propose a new comprehensive ontology which includes all concepts potentially modellable in BPMN related to cyber security. We explain how this ontology can be used as the basis for developing future BPMN-security extensions, and explore the challenges that must be overcome in order to develop a representation that is both effective and with adequate coverage of security requirements.
更多
查看译文
关键词
BPMN, Security Extension, Cyber Security Ontology
AI 理解论文
溯源树
样例
生成溯源树,研究论文发展脉络
Chat Paper
正在生成论文摘要