Paper Info
Title
Application of the Enterprise Model Frame for Security Requirements and Control Identification.
Abstract
It is generally accepted that security requirements have to be identified as early as possible to avoid later rework in the systems development process. However, in practice quite often security aspects are considered either at the later stages of development cycles (increments in agile projects) or addressed only when problems arise. One of the reasons for difficulties of early detection of security requirements is the complexity of security requirements identification. In this paper we discuss an extension of the method for security requirements elicitation from business processes (SREBP). The extension includes the application of the enterprise model frame to provide an enterprise architecture context for analyzed business process models. The enterprise model frame covers practically all concepts of the information security related definitions; the use of the frame with the SREBP method complies with the common enterprise modeling and enterprise architecture approaches; and it use helps to consider security requirements and control at the business, application, and technology levels simultaneously.
Year
DOI
Venue
2016
10.3233/978-1-61499-714-6-129
Frontiers in Artificial Intelligence and Applications
Keywords
DocType
Volume
Security requirements elicitation,business process models,enterprise modeling
Conference
291
ISSN
Citations 
PageRank 
0922-6389
0
0.34
References 
Authors
0
3
Name
Order
Citations
PageRank
Marite Kirikova129975.35
Raimundas Matulevičius245944.97
Kurt Sandkuhl3522105.61