From Early Requirements Analysis towards Secure Workflows
Requirements engineering is a key step in the software development process that has little counterpart in the design of secure business processes and secure workflows for web services. This paper presents a methodology that allows a business process designer to derive the skeleton of the concrete coarse grained secure business process, that can be further refined into workflows, from the early requirements analysis.
- 1.G. Frankova, F. Massacci, and M. Seguran. From Early Requirements Analysis towards Secure Workflows. Technical report, University of Trento, 2007.Google Scholar
- 2.P. Giorgini, F. Massacci, J. Mylopoulos, and N. Zannone. Requirements Engineering for Trust Management: Model, Methodology, and Reasoning. International Journal of Information Security, 5(4):257–274, October 2006.Google Scholar
- 3.Trusted Computing Group. TCG Specification Architecture Overview Revision 1.2, April 2003.Google Scholar
- 4.D. Lau and J. Mylopoulos. Designing Web Services with Tropos. In Proceedings of IEEE International Conference on Web Services, San Diego, USA, July 6–9 2004.Google Scholar
- 5.F. Massacci, J. Mylopoulos, and N. Zannone. An Ontology for Secure Socio-Technical Systems. Handbook of Ontologies for Business Interaction, 2007.Google Scholar
- 6.T. Neubauer, M. Kiemen, and S. Biffl. Secure Business Process Management: A Roadmap. In Proceedings of International Conference on Availability, Reliability and Security, Vienna, Austria, April 2006.Google Scholar
- 7.OASIS. Web Services Business Process Execution Language Version 2.0, August 2006. Public Review Draft, http://docs.oasis-open.org/wsbpel/2.0/.
- 8.M.P. Papazoglou and J. Yang. Design Methodology for Web Services and Business Processes. In Proceedings of the International Workshop on Technologies for E-Services, Hong Kong, China, August 2002.Google Scholar
- 9.L. Penserini, A. Perini, A. Susi, and J. Mylopoulos. From Stakeholder Needs to Service Requirements. In Proceeding of International Workshop on Service-Oriented Computing: Consequences for Engineering Requirements, Minneapolis, Minnesota, USA, September 2006.Google Scholar