Š. m. sausio 6 d., (antradienį), 13 val. vizituojantis Tartu universiteto doc. dr. Raimundas Matulevičius skaitys pranešimą apie saugumo reikalavimus, kylančius iš verslo procesų. Seminaras vyks KTU slėnio „Santaka” 226 aud. (mažesnis seminarų kambarys šalia darbuotojų lifto). Seminaras vyks anglų kalba.
Anotacija: The need to secure business processes is increased as more and more activities performed in enterprises are supported by information systems (IS). Traditionally, security in business processes is addressed by either representing security concepts graphically or by enforcing security constraints. Further there are methods, which support requirements elicitation from the goal and business models, but these do not focus on the security requirements in particular. In this paper we emphasis on the use of the security risk-oriented patterns in order to understand what business assets need to be secured. Based on these patterns we have developed the security requirements elicitation from business processes (SREBP) method. The method supports elicitation of the security objectives in terms of security criteria and their systematic translation to security requirements potentially used within the operational business processes. We have applied the SREBP method in few case studies and have compared the completeness of elicited security requirements and efficiency of the method against the security quality requirements engineering (SQUARE).
Tema: Security Requirements Elicitation from Business Processes
Pranešėjas: Assoc. Prof. PhD. Raimundas Matulevičius, University of Tartu