Author: Pilipchuk, Roman
Publisher: KIT Scientific Publishing
ISBN: 3731512122
Category : Computers
Languages : en
Pages : 366
Book Description
Business processes and information systems evolve constantly and affect each other in non-trivial ways. Aligning security requirements between both is a challenging task. This work presents an automated approach to extract access control requirements from business processes with the purpose of transforming them into a) access permissions for role-based access control and b) architectural data flow constraints to identify violations of access control in enterprise application architectures.
Architectural Alignment of Access Control Requirements Extracted from Business Processes
Author: Pilipchuk, Roman
Publisher: KIT Scientific Publishing
ISBN: 3731512122
Category : Computers
Languages : en
Pages : 366
Book Description
Business processes and information systems evolve constantly and affect each other in non-trivial ways. Aligning security requirements between both is a challenging task. This work presents an automated approach to extract access control requirements from business processes with the purpose of transforming them into a) access permissions for role-based access control and b) architectural data flow constraints to identify violations of access control in enterprise application architectures.
Publisher: KIT Scientific Publishing
ISBN: 3731512122
Category : Computers
Languages : en
Pages : 366
Book Description
Business processes and information systems evolve constantly and affect each other in non-trivial ways. Aligning security requirements between both is a challenging task. This work presents an automated approach to extract access control requirements from business processes with the purpose of transforming them into a) access permissions for role-based access control and b) architectural data flow constraints to identify violations of access control in enterprise application architectures.
Context-based Access Control and Attack Modelling and Analysis
Author: Walter, Maximilian
Publisher: KIT Scientific Publishing
ISBN: 3731513625
Category :
Languages : en
Pages : 350
Book Description
This work introduces architectural security analyses for detecting access violations and attack paths in software architectures. It integrates access control policies and vulnerabilities, often analyzed separately, into a unified approach using software architecture models. Contributions include metamodels for access control and vulnerabilities, scenario-based analysis, and two attack analyses. Evaluation demonstrates high accuracy in identifying issues for secure system development.
Publisher: KIT Scientific Publishing
ISBN: 3731513625
Category :
Languages : en
Pages : 350
Book Description
This work introduces architectural security analyses for detecting access violations and attack paths in software architectures. It integrates access control policies and vulnerabilities, often analyzed separately, into a unified approach using software architecture models. Contributions include metamodels for access control and vulnerabilities, scenario-based analysis, and two attack analyses. Evaluation demonstrates high accuracy in identifying issues for secure system development.
Architectural Data Flow Analysis for Detecting Violations of Confidentiality Requirements
Author: Seifermann, Stephan
Publisher: KIT Scientific Publishing
ISBN: 3731512467
Category : Computers
Languages : en
Pages : 412
Book Description
Software vendors must consider confidentiality especially while creating software architectures because decisions made here are hard to change later. Our approach represents and analyzes data flows in software architectures. Systems specify data flows and confidentiality requirements specify limitations of data flows. Software architects use detected violations of these limitations to improve the system. We demonstrate how to integrate our approach into existing development processes.
Publisher: KIT Scientific Publishing
ISBN: 3731512467
Category : Computers
Languages : en
Pages : 412
Book Description
Software vendors must consider confidentiality especially while creating software architectures because decisions made here are hard to change later. Our approach represents and analyzes data flows in software architectures. Systems specify data flows and confidentiality requirements specify limitations of data flows. Software architects use detected violations of these limitations to improve the system. We demonstrate how to integrate our approach into existing development processes.
Architectural Alignment of Access Control Requirements Extracted from Business Processes
Author: Roman Pilipchuk
Publisher:
ISBN:
Category :
Languages : en
Pages :
Book Description
Publisher:
ISBN:
Category :
Languages : en
Pages :
Book Description
Evaluating Architectural Safeguards for Uncertain AI Black-Box Components
Author: Scheerer, Max
Publisher: KIT Scientific Publishing
ISBN: 373151320X
Category :
Languages : en
Pages : 472
Book Description
Although tremendous progress has been made in Artificial Intelligence (AI), it entails new challenges. The growing complexity of learning tasks requires more complex AI components, which increasingly exhibit unreliable behaviour. In this book, we present a model-driven approach to model architectural safeguards for AI components and analyse their effect on the overall system reliability.
Publisher: KIT Scientific Publishing
ISBN: 373151320X
Category :
Languages : en
Pages : 472
Book Description
Although tremendous progress has been made in Artificial Intelligence (AI), it entails new challenges. The growing complexity of learning tasks requires more complex AI components, which increasingly exhibit unreliable behaviour. In this book, we present a model-driven approach to model architectural safeguards for AI components and analyse their effect on the overall system reliability.
Architecture-based Evolution of Dependable Software-intensive Systems
Author: Heinrich, Robert
Publisher: KIT Scientific Publishing
ISBN: 3731512947
Category :
Languages : en
Pages : 154
Book Description
This cumulative habilitation thesis, proposes concepts for (i) modelling and analysing dependability based on architectural models of software-intensive systems early in development, (ii) decomposition and composition of modelling languages and analysis techniques to enable more flexibility in evolution, and (iii) bridging the divergent levels of abstraction between data of the operation phase, architectural models and source code of the development phase.
Publisher: KIT Scientific Publishing
ISBN: 3731512947
Category :
Languages : en
Pages : 154
Book Description
This cumulative habilitation thesis, proposes concepts for (i) modelling and analysing dependability based on architectural models of software-intensive systems early in development, (ii) decomposition and composition of modelling languages and analysis techniques to enable more flexibility in evolution, and (iii) bridging the divergent levels of abstraction between data of the operation phase, architectural models and source code of the development phase.
A Reference Structure for Modular Model-based Analyses
Author: Koch, Sandro Giovanni
Publisher: KIT Scientific Publishing
ISBN: 3731513412
Category :
Languages : en
Pages : 398
Book Description
In this work, the authors analysed the co-dependency between models and analyses, particularly the structure and interdependence of artefacts and the feature-based decomposition and composition of model-based analyses. Their goal is to improve the maintainability of model-based analyses. They have investigated the co-dependency of Domain-specific Modelling Languages (DSMLs) and model-based analyses regarding evolvability, understandability, and reusability.
Publisher: KIT Scientific Publishing
ISBN: 3731513412
Category :
Languages : en
Pages : 398
Book Description
In this work, the authors analysed the co-dependency between models and analyses, particularly the structure and interdependence of artefacts and the feature-based decomposition and composition of model-based analyses. Their goal is to improve the maintainability of model-based analyses. They have investigated the co-dependency of Domain-specific Modelling Languages (DSMLs) and model-based analyses regarding evolvability, understandability, and reusability.
Consistent View-Based Management of Variability in Space and Time
Author: Ananieva, Sofia
Publisher: KIT Scientific Publishing
ISBN: 3731512416
Category : Computers
Languages : en
Pages : 310
Book Description
Developing variable systems faces many challenges. Dependencies between interrelated artifacts within a product variant, such as code or diagrams, across product variants and across their revisions quickly lead to inconsistencies during evolution. This work provides a unification of common concepts and operations for variability management, identifies variability-related inconsistencies and presents an approach for view-based consistency preservation of variable systems.
Publisher: KIT Scientific Publishing
ISBN: 3731512416
Category : Computers
Languages : en
Pages : 310
Book Description
Developing variable systems faces many challenges. Dependencies between interrelated artifacts within a product variant, such as code or diagrams, across product variants and across their revisions quickly lead to inconsistencies during evolution. This work provides a unification of common concepts and operations for variability management, identifies variability-related inconsistencies and presents an approach for view-based consistency preservation of variable systems.
COBIT 5 for Information Security
Author: ISACA
Publisher: ISACA
ISBN: 1604202548
Category : Business & Economics
Languages : en
Pages : 220
Book Description
COBIT 5 provides a comprehensive framework that assists enterprises in achieving their objectives for the governance and management of enterprise IT. COBIT 5 enables IT to be governed and managed in a holistic manner for the entire enterprise, taking into account the full end-to-end business and IT functional areas of responsibility, considering IT-related interests of internal and external stakeholders.
Publisher: ISACA
ISBN: 1604202548
Category : Business & Economics
Languages : en
Pages : 220
Book Description
COBIT 5 provides a comprehensive framework that assists enterprises in achieving their objectives for the governance and management of enterprise IT. COBIT 5 enables IT to be governed and managed in a holistic manner for the entire enterprise, taking into account the full end-to-end business and IT functional areas of responsibility, considering IT-related interests of internal and external stakeholders.
Secure-by-Design Enterprise Architectures and Business Processes in Supply Chains. Handling Threats from Physical Transport Goods in Parcel Mail Services
Author: Michael Middelhoff
Publisher: Logos Verlag Berlin GmbH
ISBN: 3832557083
Category :
Languages : en
Pages : 272
Book Description
Supply chain security encompasses measures preventing theft, smuggling, and sabotage through heightened awareness, enhanced visibility, and increased transparency. This necessitates the adoption of a security-by-design paradigm to achieve effective and efficient security measures, yielding additional benefits such as diminished supply chain costs. Given their vulnerability, transportation and logistics service providers play a pivotal role in supply chain security. This thesis leverages systems security engineering and security-by-design to provide a methodology for designing and evaluating security measures for physical transport goods. It formulates nine principles that define security-by-design and establishes a supply chain security framework. An adaptation of the TOGAF architecture development facilitates the creation of secure-by-design enterprise architectures. Security measures are documented using security-enhanced processes based on BPMN. This enables an analysis and compliance assessment to ascertain the alignment of security with business objectives and the adequate implementation of requirements. The culmination of these efforts is exemplified through a case study.
Publisher: Logos Verlag Berlin GmbH
ISBN: 3832557083
Category :
Languages : en
Pages : 272
Book Description
Supply chain security encompasses measures preventing theft, smuggling, and sabotage through heightened awareness, enhanced visibility, and increased transparency. This necessitates the adoption of a security-by-design paradigm to achieve effective and efficient security measures, yielding additional benefits such as diminished supply chain costs. Given their vulnerability, transportation and logistics service providers play a pivotal role in supply chain security. This thesis leverages systems security engineering and security-by-design to provide a methodology for designing and evaluating security measures for physical transport goods. It formulates nine principles that define security-by-design and establishes a supply chain security framework. An adaptation of the TOGAF architecture development facilitates the creation of secure-by-design enterprise architectures. Security measures are documented using security-enhanced processes based on BPMN. This enables an analysis and compliance assessment to ascertain the alignment of security with business objectives and the adequate implementation of requirements. The culmination of these efforts is exemplified through a case study.