Goal-equivalent secure business process re-engineering

H.A. López; F. Massacci; N. Zannone

doi:10.1007/978-3-540-93851-4_21

Goal-equivalent secure business process re-engineering

H.A. López, F. Massacci, N. Zannone

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › Academic › peer-review

7 Citations (Scopus)

Abstract

The introduction of information technologies in health care systems often requires to re-engineer the business processes used to deliver care. Obviously, the new and re-engineered processes are observationally different and thus we cannot use existing model-based techniques to argue that they are somehow “equivalent”. In this paper we propose a method for passing from SI*, a modeling language for capturing and modeling functional, security, and trust organizational and system requirements, to business process specifications and vice versa. In particular, starting from an old secure business process, we reconstruct the functional and security requirements at organizational level that such a business process was supposed to meet (including the trust relations that existed among the members of the organization). To ensure that the re-engineered business process meets the elicited requirements, we employ a notion of equivalence based on goal-equivalence. Basically, we verify if the execution of the business process, described in terms of the trace it generates, satisfies the organizational model. We motivate and illustrate the method with an e-health case study.

Original language	English
Title of host publication	Service-Oriented Computing
Subtitle of host publication	ICSOC 2007 Workshops, International Workshops, Vienna, Austria, September 17, 2007, Revised Selected Papers
Editors	E. Di Nitto, M. Ripeanu
Place of Publication	Berlin
Publisher	Springer
Chapter	21
Pages	212-223
Number of pages	12
ISBN (Electronic)	978-3-540-93851-4
ISBN (Print)	978-3-540-93850-7
DOIs	https://doi.org/10.1007/978-3-540-93851-4_21
Publication status	Published - 2009

Publication series

Name	Lecture Notes in Computer Science (LNCS)
Volume	4907
ISSN (Print)	0302-9743

Access to Document

10.1007/978-3-540-93851-4_21

Cite this

López, H. A., Massacci, F., & Zannone, N. (2009). Goal-equivalent secure business process re-engineering. In E. Di Nitto, & M. Ripeanu (Eds.), Service-Oriented Computing : ICSOC 2007 Workshops, International Workshops, Vienna, Austria, September 17, 2007, Revised Selected Papers (pp. 212-223). (Lecture Notes in Computer Science (LNCS); Vol. 4907). Springer. https://doi.org/10.1007/978-3-540-93851-4_21

@inproceedings{b9777d6f86d44870acb55b6e94d8a1d6,

title = "Goal-equivalent secure business process re-engineering",

abstract = "The introduction of information technologies in health care systems often requires to re-engineer the business processes used to deliver care. Obviously, the new and re-engineered processes are observationally different and thus we cannot use existing model-based techniques to argue that they are somehow “equivalent”. In this paper we propose a method for passing from SI*, a modeling language for capturing and modeling functional, security, and trust organizational and system requirements, to business process specifications and vice versa. In particular, starting from an old secure business process, we reconstruct the functional and security requirements at organizational level that such a business process was supposed to meet (including the trust relations that existed among the members of the organization). To ensure that the re-engineered business process meets the elicited requirements, we employ a notion of equivalence based on goal-equivalence. Basically, we verify if the execution of the business process, described in terms of the trace it generates, satisfies the organizational model. We motivate and illustrate the method with an e-health case study.",

author = "H.A. L{\'o}pez and F. Massacci and N. Zannone",

year = "2009",

doi = "10.1007/978-3-540-93851-4_21",

language = "English",

isbn = "978-3-540-93850-7",

series = "Lecture Notes in Computer Science (LNCS)",

publisher = "Springer",

pages = "212--223",

editor = "{Di Nitto}, E. and M. Ripeanu",

booktitle = "Service-Oriented Computing",

address = "Germany",

}

López, HA, Massacci, F & Zannone, N 2009, Goal-equivalent secure business process re-engineering. in E Di Nitto & M Ripeanu (eds), Service-Oriented Computing : ICSOC 2007 Workshops, International Workshops, Vienna, Austria, September 17, 2007, Revised Selected Papers. Lecture Notes in Computer Science (LNCS), vol. 4907, Springer, Berlin, pp. 212-223. https://doi.org/10.1007/978-3-540-93851-4_21

Goal-equivalent secure business process re-engineering. / López, H.A.; Massacci, F.; Zannone, N.

Service-Oriented Computing : ICSOC 2007 Workshops, International Workshops, Vienna, Austria, September 17, 2007, Revised Selected Papers. ed. / E. Di Nitto; M. Ripeanu. Berlin : Springer, 2009. p. 212-223 (Lecture Notes in Computer Science (LNCS); Vol. 4907).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › Academic › peer-review

TY - GEN

T1 - Goal-equivalent secure business process re-engineering

AU - López, H.A.

AU - Massacci, F.

AU - Zannone, N.

PY - 2009

Y1 - 2009

N2 - The introduction of information technologies in health care systems often requires to re-engineer the business processes used to deliver care. Obviously, the new and re-engineered processes are observationally different and thus we cannot use existing model-based techniques to argue that they are somehow “equivalent”. In this paper we propose a method for passing from SI*, a modeling language for capturing and modeling functional, security, and trust organizational and system requirements, to business process specifications and vice versa. In particular, starting from an old secure business process, we reconstruct the functional and security requirements at organizational level that such a business process was supposed to meet (including the trust relations that existed among the members of the organization). To ensure that the re-engineered business process meets the elicited requirements, we employ a notion of equivalence based on goal-equivalence. Basically, we verify if the execution of the business process, described in terms of the trace it generates, satisfies the organizational model. We motivate and illustrate the method with an e-health case study.

AB - The introduction of information technologies in health care systems often requires to re-engineer the business processes used to deliver care. Obviously, the new and re-engineered processes are observationally different and thus we cannot use existing model-based techniques to argue that they are somehow “equivalent”. In this paper we propose a method for passing from SI*, a modeling language for capturing and modeling functional, security, and trust organizational and system requirements, to business process specifications and vice versa. In particular, starting from an old secure business process, we reconstruct the functional and security requirements at organizational level that such a business process was supposed to meet (including the trust relations that existed among the members of the organization). To ensure that the re-engineered business process meets the elicited requirements, we employ a notion of equivalence based on goal-equivalence. Basically, we verify if the execution of the business process, described in terms of the trace it generates, satisfies the organizational model. We motivate and illustrate the method with an e-health case study.

U2 - 10.1007/978-3-540-93851-4_21

DO - 10.1007/978-3-540-93851-4_21

M3 - Conference contribution

SN - 978-3-540-93850-7

T3 - Lecture Notes in Computer Science (LNCS)

SP - 212

EP - 223

BT - Service-Oriented Computing

A2 - Di Nitto, E.

A2 - Ripeanu, M.

PB - Springer

CY - Berlin

ER -

López HA, Massacci F, Zannone N. Goal-equivalent secure business process re-engineering. In Di Nitto E, Ripeanu M, editors, Service-Oriented Computing : ICSOC 2007 Workshops, International Workshops, Vienna, Austria, September 17, 2007, Revised Selected Papers. Berlin: Springer. 2009. p. 212-223. (Lecture Notes in Computer Science (LNCS)). https://doi.org/10.1007/978-3-540-93851-4_21

Goal-equivalent secure business process re-engineering

Abstract

Publication series

Access to Document

Fingerprint

Cite this