Architectural Alignment of Access Control Requirements Extracted from Business Processes

Architectural Alignment of Access Control Requirements Extracted from Business Processes PDF Author: Pilipchuk, Roman
Publisher: KIT Scientific Publishing
ISBN: 3731512122
Category : Computers
Languages : en
Pages : 366

Get Book Here

Book Description
Business processes and information systems evolve constantly and affect each other in non-trivial ways. Aligning security requirements between both is a challenging task. This work presents an automated approach to extract access control requirements from business processes with the purpose of transforming them into a) access permissions for role-based access control and b) architectural data flow constraints to identify violations of access control in enterprise application architectures.

Architectural Alignment of Access Control Requirements Extracted from Business Processes

Architectural Alignment of Access Control Requirements Extracted from Business Processes PDF Author: Pilipchuk, Roman
Publisher: KIT Scientific Publishing
ISBN: 3731512122
Category : Computers
Languages : en
Pages : 366

Get Book Here

Book Description
Business processes and information systems evolve constantly and affect each other in non-trivial ways. Aligning security requirements between both is a challenging task. This work presents an automated approach to extract access control requirements from business processes with the purpose of transforming them into a) access permissions for role-based access control and b) architectural data flow constraints to identify violations of access control in enterprise application architectures.

Context-based Access Control and Attack Modelling and Analysis

Context-based Access Control and Attack Modelling and Analysis PDF Author: Walter, Maximilian
Publisher: KIT Scientific Publishing
ISBN: 3731513625
Category :
Languages : en
Pages : 350

Get Book Here

Book Description
This work introduces architectural security analyses for detecting access violations and attack paths in software architectures. It integrates access control policies and vulnerabilities, often analyzed separately, into a unified approach using software architecture models. Contributions include metamodels for access control and vulnerabilities, scenario-based analysis, and two attack analyses. Evaluation demonstrates high accuracy in identifying issues for secure system development.

Architectural Data Flow Analysis for Detecting Violations of Confidentiality Requirements

Architectural Data Flow Analysis for Detecting Violations of Confidentiality Requirements PDF Author: Seifermann, Stephan
Publisher: KIT Scientific Publishing
ISBN: 3731512467
Category : Computers
Languages : en
Pages : 412

Get Book Here

Book Description
Software vendors must consider confidentiality especially while creating software architectures because decisions made here are hard to change later. Our approach represents and analyzes data flows in software architectures. Systems specify data flows and confidentiality requirements specify limitations of data flows. Software architects use detected violations of these limitations to improve the system. We demonstrate how to integrate our approach into existing development processes.

Architectural Alignment of Access Control Requirements Extracted from Business Processes

Architectural Alignment of Access Control Requirements Extracted from Business Processes PDF Author: Roman Pilipchuk
Publisher:
ISBN:
Category :
Languages : en
Pages :

Get Book Here

Book Description


Evaluating Architectural Safeguards for Uncertain AI Black-Box Components

Evaluating Architectural Safeguards for Uncertain AI Black-Box Components PDF Author: Scheerer, Max
Publisher: KIT Scientific Publishing
ISBN: 373151320X
Category :
Languages : en
Pages : 472

Get Book Here

Book Description
Although tremendous progress has been made in Artificial Intelligence (AI), it entails new challenges. The growing complexity of learning tasks requires more complex AI components, which increasingly exhibit unreliable behaviour. In this book, we present a model-driven approach to model architectural safeguards for AI components and analyse their effect on the overall system reliability.

Architecture-based Evolution of Dependable Software-intensive Systems

Architecture-based Evolution of Dependable Software-intensive Systems PDF Author: Heinrich, Robert
Publisher: KIT Scientific Publishing
ISBN: 3731512947
Category :
Languages : en
Pages : 154

Get Book Here

Book Description
This cumulative habilitation thesis, proposes concepts for (i) modelling and analysing dependability based on architectural models of software-intensive systems early in development, (ii) decomposition and composition of modelling languages and analysis techniques to enable more flexibility in evolution, and (iii) bridging the divergent levels of abstraction between data of the operation phase, architectural models and source code of the development phase.

A Reference Structure for Modular Model-based Analyses

A Reference Structure for Modular Model-based Analyses PDF Author: Koch, Sandro Giovanni
Publisher: KIT Scientific Publishing
ISBN: 3731513412
Category :
Languages : en
Pages : 398

Get Book Here

Book Description
In this work, the authors analysed the co-dependency between models and analyses, particularly the structure and interdependence of artefacts and the feature-based decomposition and composition of model-based analyses. Their goal is to improve the maintainability of model-based analyses. They have investigated the co-dependency of Domain-specific Modelling Languages (DSMLs) and model-based analyses regarding evolvability, understandability, and reusability.

Consistent View-Based Management of Variability in Space and Time

Consistent View-Based Management of Variability in Space and Time PDF Author: Ananieva, Sofia
Publisher: KIT Scientific Publishing
ISBN: 3731512416
Category : Computers
Languages : en
Pages : 310

Get Book Here

Book Description
Developing variable systems faces many challenges. Dependencies between interrelated artifacts within a product variant, such as code or diagrams, across product variants and across their revisions quickly lead to inconsistencies during evolution. This work provides a unification of common concepts and operations for variability management, identifies variability-related inconsistencies and presents an approach for view-based consistency preservation of variable systems.

COBIT 5 for Information Security

COBIT 5 for Information Security PDF Author: ISACA
Publisher: ISACA
ISBN: 1604202548
Category : Business & Economics
Languages : en
Pages : 220

Get Book Here

Book Description
COBIT 5 provides a comprehensive framework that assists enterprises in achieving their objectives for the governance and management of enterprise IT. COBIT 5 enables IT to be governed and managed in a holistic manner for the entire enterprise, taking into account the full end-to-end business and IT functional areas of responsibility, considering IT-related interests of internal and external stakeholders.

Secure-by-Design Enterprise Architectures and Business Processes in Supply Chains. Handling Threats from Physical Transport Goods in Parcel Mail Services

Secure-by-Design Enterprise Architectures and Business Processes in Supply Chains. Handling Threats from Physical Transport Goods in Parcel Mail Services PDF Author: Michael Middelhoff
Publisher: Logos Verlag Berlin GmbH
ISBN: 3832557083
Category :
Languages : en
Pages : 272

Get Book Here

Book Description
Supply chain security encompasses measures preventing theft, smuggling, and sabotage through heightened awareness, enhanced visibility, and increased transparency. This necessitates the adoption of a security-by-design paradigm to achieve effective and efficient security measures, yielding additional benefits such as diminished supply chain costs. Given their vulnerability, transportation and logistics service providers play a pivotal role in supply chain security. This thesis leverages systems security engineering and security-by-design to provide a methodology for designing and evaluating security measures for physical transport goods. It formulates nine principles that define security-by-design and establishes a supply chain security framework. An adaptation of the TOGAF architecture development facilitates the creation of secure-by-design enterprise architectures. Security measures are documented using security-enhanced processes based on BPMN. This enables an analysis and compliance assessment to ascertain the alignment of security with business objectives and the adequate implementation of requirements. The culmination of these efforts is exemplified through a case study.