Article

Integration of an Ontological Information Security Concept in Risk Aware Business Process Management

Authors:

and Thomas MuckAuthors Info & Claims

HICSS '08: Proceedings of the Proceedings of the 41st Annual Hawaii International Conference on System Sciences

Page 377

https://doi.org/10.1109/HICSS.2008.211

Published: 07 January 2008 Publication History

Publisher Site

Abstract

priately counteract occurring threats has increasingly become a crucial success factor. Traditional business process management provides concepts for the economical optimization of processes, while risk management focuses on the design of robust business processes. While aiming at the same goal, namely the improve- ment of business, the approaches how to reach this vary, due to a different understanding of improvement. Following this, op- timizing recommendations of business process management and risk management may be contradictory. Therefore, we proposed a unified method, integrating both points of views to enable risk-aware business process management and optimization. In this paper, we briefly describe the ROPE (Risk-Oriented Process Evaluation) methodology and the Security Ontology concept, which provides a solid knowledge base for an applicable and holistic company specific IT security approach. This heavy-weight ontology provides structured knowledge regarding the relations between threats, safeguards, and assets, which are crucial for modeling processes in ROPE. We show how the integration of the Security Ontology's knowledge base enhances the applicability of the ROPE methodology leading to improved risk-aware business process management.

Cited By

View all

Alotaibi Y(2016)Business process modelling challenges and solutionsJournal of Intelligent Manufacturing10.1007/s10845-014-0917-427:4(701-723)Online publication date: 1-Aug-2016
https://dl.acm.org/doi/10.1007/s10845-014-0917-4
Blanco CLasheras JFernández-Medina EValencia-García RToval A(2011)Basis for an integrated security ontology according to a systematic review of existing proposalsComputer Standards & Interfaces10.1016/j.csi.2010.12.00233:4(372-388)Online publication date: 1-Jun-2011
https://dl.acm.org/doi/10.1016/j.csi.2010.12.002
Parkin Svan Moorsel AColes RElçi AMakarevich OOrgun MChefranov APieprzyk JBryukhomitsky YÖrs S(2009)An information security ontology incorporating human-behavioural implicationsProceedings of the 2nd international conference on Security of information and networks10.1145/1626195.1626209(46-55)Online publication date: 6-Oct-2009
https://dl.acm.org/doi/10.1145/1626195.1626209
Show More Cited By

Index Terms

Integration of an Ontological Information Security Concept in Risk Aware Business Process Management

Recommendations

Enabling security risk assessment and management for business process models
Abstract
Business processes (BP) are considered the enterprise’s cornerstone but are increasingly in the spotlight of attacks. Therefore, the design of business processes must consider the security risks and be adequately integrated into the information ...
Process Risk Management in B2B E-Business
IITA '09: Proceedings of the 2009 Third International Symposium on Intelligent Information Technology Application - Volume 01

Business process risk management is an important part in E-Business. In this paper, with deep investigation to a Chinese international trade company, we research E-Business process risks and find relevant risk mitigation instruments, which will be ...
Process risk management in B2B E-business
IITA'09: Proceedings of the 3rd international conference on Intelligent information technology application

Business process risk management is an important part in E-Business. In this paper, with deep investigation to a Chinese international trade company, we research E-Business process risks and find relevant risk mitigation instruments, which will be ...

Comments

Please enable JavaScript to view thecomments powered by Disqus.

Information & Contributors

Information

Published In

HICSS '08: Proceedings of the Proceedings of the 41st Annual Hawaii International Conference on System Sciences

January 2008

ISBN:0769530758

Publisher

IEEE Computer Society

United States

Publication History

Published: 07 January 2008

Qualifiers

Article

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

5
Total Citations
View Citations
0
Total Downloads

Downloads (Last 12 months)0
Downloads (Last 6 weeks)0

Reflects downloads up to 21 Nov 2024

Other Metrics

View Author Metrics

Citations

Cited By

View all

Alotaibi Y(2016)Business process modelling challenges and solutionsJournal of Intelligent Manufacturing10.1007/s10845-014-0917-427:4(701-723)Online publication date: 1-Aug-2016
https://dl.acm.org/doi/10.1007/s10845-014-0917-4
Blanco CLasheras JFernández-Medina EValencia-García RToval A(2011)Basis for an integrated security ontology according to a systematic review of existing proposalsComputer Standards & Interfaces10.1016/j.csi.2010.12.00233:4(372-388)Online publication date: 1-Jun-2011
https://dl.acm.org/doi/10.1016/j.csi.2010.12.002
Parkin Svan Moorsel AColes RElçi AMakarevich OOrgun MChefranov APieprzyk JBryukhomitsky YÖrs S(2009)An information security ontology incorporating human-behavioural implicationsProceedings of the 2nd international conference on Security of information and networks10.1145/1626195.1626209(46-55)Online publication date: 6-Oct-2009
https://dl.acm.org/doi/10.1145/1626195.1626209
Wang JGuo M(2009)OVMProceedings of the 5th Annual Workshop on Cyber Security and Information Intelligence Research: Cyber Security and Information Intelligence Challenges and Strategies10.1145/1558607.1558646(1-4)Online publication date: 13-Apr-2009
https://dl.acm.org/doi/10.1145/1558607.1558646
Wang JGuo MWang HXia MZhou L(2009)Ontology-based security assessment for software productsProceedings of the 5th Annual Workshop on Cyber Security and Information Intelligence Research: Cyber Security and Information Intelligence Challenges and Strategies10.1145/1558607.1558625(1-4)Online publication date: 13-Apr-2009
https://dl.acm.org/doi/10.1145/1558607.1558625

Abstract

Cited By

Index Terms

Recommendations

Enabling security risk assessment and management for business process models

Process Risk Management in B2B E-Business

Process risk management in B2B E-business

Comments

Information

Published In

Publisher

Publication History

Qualifiers

Contributors

Other Metrics

Bibliometrics

Article Metrics

Other Metrics

Citations

Cited By

View options

Figures

Other

Share

Share this Publication link

Share on social media

Affiliations