Securing the Core University Business Processes

  • Veliko Ivanov
  • Monika Tzaneva
  • Alexandra Murdjeva
  • Valentin Kisimov
Part of the Lecture Notes in Computer Science book series (LNCS, volume 6555)

Abstract

In the paper are presented solutions for securing the core University Business Processes. A Method for identification which Business processes are critical for security point of view, on which is required to pay more attention for its securing. For securing of the elected Business processes is developed a new security system – Extended Certification Authority. Special Secure eDocument Management Architecture is developed, on which base are developed the solutions for securing the following University Business processes - Delegation of exam permissions to lecturers, Recording exam marks, and Exchange management documents.

Keywords

Securing business process Extended Certification Authority Secure eDucument Management Architecture 

References

  1. 1.
    O’Higgins, B.: What is the Difference Between a Public-Key Infrastructure and a Certification Authority? http://www.opengroup.org/comm/the_message/magazine/mmv4n2/pki.htm
  2. 2.
    Shirbu, M., Chuang, J.: Distributed Authentication in Kerberos using Public key cryptography, http://people.ischool.berkeley.edu/~chuang/pubs/pkda.pdf
  3. 3.
    Bass de Graeff, Business processes Security, Unisys, http://www.unisys.com/unisys/ri/wp/detail.jsp?id=17600051
  4. 4.
    Kisimov, V.: Dynamic Business-managed Information systems, Sofia, Bulgaria (2008) ISBN 978-954-323-444-8Google Scholar
  5. 5.
    Garfamy, R.: Supplier selection and Business process improvement, doctoral thesis, Autonomous University of Barcelona (2005)Google Scholar
  6. 6.
    Lee, J., Choi, J.: Process selection for Business Process Management in a mobile telecommunications company, University of Illinois at Urbana-Champaign, USA. International Journal of Information Technologies and Management 8(4), 382–399 (2009)CrossRefGoogle Scholar
  7. 7.
    RFC 2459, Internet X.509 Public Key Infrastructure Certificate and CRL Profile, http://www.ietf.org/rfc/rfc2459.txt
  8. 8.
    National RFC 3281, An Internet Attribute Certificate Profile for Authorization, http://www.faqs.org/rfcs/rfc3281.html

Copyright information

© IFIP International Federation for Information Processing 2011

Authors and Affiliations

  • Veliko Ivanov
    • 1
  • Monika Tzaneva
    • 1
  • Alexandra Murdjeva
    • 1
  • Valentin Kisimov
    • 1
  1. 1.University of National and World EconomySofiaBulgaria

Personalised recommendations