Change search
CiteExportLink to record
Permanent link

Direct link
Cite
Citation style
  • apa
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf
Application of the Enterprise Model Frame for Security Requirements and Control Identification
Department of Artificial Intelligence and Systems Engineering, Riga Technical University, Riga, Latvia.
Institute of Computer Science, University of Tartu, Tartu, Estonia.
Jönköping University, School of Engineering, JTH, Computer Science and Informatics. Jönköping University, School of Engineering, JTH. Research area Computer Science and Informatics. Chair Business Information Systems, University of Rostock, Rostock, Germany. (Information Engineering)
2016 (English)In: Databases and information systems IX / [ed] Arnicans, G., Arnicane, V., Borzovs, J. Niedrite, L., Amsterdam: IOS Press, 2016, Vol. 291, p. 129-142Conference paper, Published paper (Refereed)
Abstract [en]

It is generally accepted that security requirements have to be identified as early as possible to avoid later rework in the systems development process. However, in practice quite often security aspects are considered either at the later stages of development cycles (increments in agile projects) or addressed only when problems arise. One of the reasons for difficulties of early detection of security requirements is the complexity of security requirements identification. In this paper we discuss an extension of the method for security requirements elicitation from business processes (SREBP). The extension includes the application of the enterprise model frame to provide an enterprise architecture context for analyzed business process models. The enterprise model frame covers practically all concepts of the information security related definitions; the use of the frame with the SREBP method complies with the common enterprise modeling and enterprise architecture approaches; and it use helps to consider security requirements and control at the business, application, and technology levels simultaneously.

Place, publisher, year, edition, pages
Amsterdam: IOS Press, 2016. Vol. 291, p. 129-142
Series
Frontiers in Artificial Intelligence and Applications, ISSN 0922-6389 ; 291
Keywords [en]
Security requirements elicitation, business process models, enterprise modeling
National Category
Information Systems
Identifiers
URN: urn:nbn:se:hj:diva-34921DOI: 10.3233/978-1-61499-714-6-129ISI: 000390305200010ISBN: 978-1-61499-714-6 (print)ISBN: 978-1-61499-713-9 (print)OAI: oai:DiVA.org:hj-34921DiVA, id: diva2:1070570
Conference
12th International Baltic Conference on Databases and Information Systems (DB and IS), July 04-06, Riga, Latvia,
Available from: 2017-02-01 Created: 2017-01-31 Last updated: 2018-01-13Bibliographically approved

Open Access in DiVA

Fulltext(812 kB)39 downloads
File information
File name FULLTEXT01.pdfFile size 812 kBChecksum SHA-512
469c327631bca82ccc9c8019c00f4fa0cd6da20f53e3b085626cf7b39dcbcb9fa5ec110a471872d857913fd502615ed11eaf78695e156db03fa2d16c5eda4653
Type fulltextMimetype application/pdf

Other links

Publisher's full text

Search in DiVA

By author/editor
Sandkuhl, Kurt
By organisation
JTH, Computer Science and InformaticsJTH. Research area Computer Science and Informatics
Information Systems

Search outside of DiVA

GoogleGoogle Scholar
Total: 39 downloads
The number of downloads is the sum of all downloads of full texts. It may include eg previous versions that are now no longer available

doi
isbn
urn-nbn

Altmetric score

doi
isbn
urn-nbn
Total: 56 hits
CiteExportLink to record
Permanent link

Direct link
Cite
Citation style
  • apa
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf