TY - GEN
T1 - A language for multi-perspective modelling of IT security
T2 - International Workshop on Business Process Management, BPM 2012
AU - Goldstein, Anat
AU - Frank, Ulrich
PY - 2013
Y1 - 2013
N2 - Effectively protecting information systems is a pivotal responsibility of (IT) management, which faces many challenges: technological complexities, business complexities, various stakeholders and conflicting requirements. Yet, there is no holistic modelling approach that comprehensively addresses all these challenges, while accounting for technical, organizational and business aspects. This paper analyzes the requirements of such a comprehensive modelling method for IT security design and management. We argue that enterprise modelling is most suitable to serve as a foundation for such an approach. We apply a method for developing domain specific modelling languages (DSML) that is chiefly based on a structured analysis of use scenarios including prototypical diagrams. It is supplemented by requirements found in literature. Our analysis results in 23 requirements that should be satisfied by the targeted modelling method. These results are intended to serve as a foundation for discussion and discursive evaluation by peers and domain experts.
AB - Effectively protecting information systems is a pivotal responsibility of (IT) management, which faces many challenges: technological complexities, business complexities, various stakeholders and conflicting requirements. Yet, there is no holistic modelling approach that comprehensively addresses all these challenges, while accounting for technical, organizational and business aspects. This paper analyzes the requirements of such a comprehensive modelling method for IT security design and management. We argue that enterprise modelling is most suitable to serve as a foundation for such an approach. We apply a method for developing domain specific modelling languages (DSML) that is chiefly based on a structured analysis of use scenarios including prototypical diagrams. It is supplemented by requirements found in literature. Our analysis results in 23 requirements that should be satisfied by the targeted modelling method. These results are intended to serve as a foundation for discussion and discursive evaluation by peers and domain experts.
KW - DSML
KW - IT security
KW - MEMO
KW - enterprise modeling
KW - information security
UR - http://www.scopus.com/inward/record.url?scp=84873208679&partnerID=8YFLogxK
U2 - 10.1007/978-3-642-36285-9_64
DO - 10.1007/978-3-642-36285-9_64
M3 - ???researchoutput.researchoutputtypes.contributiontobookanthology.conference???
AN - SCOPUS:84873208679
SN - 9783642362842
T3 - Lecture Notes in Business Information Processing
SP - 636
EP - 648
BT - Business Process Management Workshops - BPM 2012 International Workshops, Revised Papers
Y2 - 3 September 2012 through 3 September 2012
ER -