TY - GEN
T1 - An analysis and evaluation of security aspects in the business process model and notation
AU - Leitner, Maria
AU - Miller, Michelle
AU - Rinderle-Ma, Stefanie
PY - 2013
Y1 - 2013
N2 - Enhancing existing business process modeling languages with security concepts has attracted increased attention in research and several graphical notations and symbols have been proposed. How these extensions can be comprehended by users has not been evaluated yet. However, the comprehensibility of security concepts integrated within business process models is of utmost importance for many purposes such as communication, training, and later automation within a process-aware information system. If users do not understand the security concepts, this might lead to restricted acceptance or even misinterpretation and possible security problems in the sequel. In this paper, we evaluate existing security extensions of Business Process Model and Notation (BPMN) as BPMN constitutes the de facto standard in business modeling languages nowadays. The evaluation is conducted along two lines, i.e., a literature study and a survey. The findings of both evaluations identify shortcomings and open questions of existing approaches. This will yield the basis to convey security-related information within business process models in a comprehensible way and consequently, unleash the full effects of security modeling in business processes.
AB - Enhancing existing business process modeling languages with security concepts has attracted increased attention in research and several graphical notations and symbols have been proposed. How these extensions can be comprehended by users has not been evaluated yet. However, the comprehensibility of security concepts integrated within business process models is of utmost importance for many purposes such as communication, training, and later automation within a process-aware information system. If users do not understand the security concepts, this might lead to restricted acceptance or even misinterpretation and possible security problems in the sequel. In this paper, we evaluate existing security extensions of Business Process Model and Notation (BPMN) as BPMN constitutes the de facto standard in business modeling languages nowadays. The evaluation is conducted along two lines, i.e., a literature study and a survey. The findings of both evaluations identify shortcomings and open questions of existing approaches. This will yield the basis to convey security-related information within business process models in a comprehensible way and consequently, unleash the full effects of security modeling in business processes.
KW - BPMN
KW - Business Processes
KW - Modeling
KW - Security
UR - http://www.scopus.com/inward/record.url?scp=84892405502&partnerID=8YFLogxK
U2 - 10.1109/ARES.2013.34
DO - 10.1109/ARES.2013.34
M3 - Conference contribution
AN - SCOPUS:84892405502
SN - 9780769550084
T3 - Proceedings - 2013 International Conference on Availability, Reliability and Security, ARES 2013
SP - 262
EP - 267
BT - Proceedings - 2013 International Conference on Availability, Reliability and Security, ARES 2013
T2 - 2013 8th International Conference on Availability, Reliability and Security, ARES 2013
Y2 - 2 September 2013 through 6 September 2013
ER -