Assessing Business Process Security Awareness: A Service-Oriented Approach

The aim of this paper is to present some preliminary ideas about practical metrics and measurements useful for (i) assessing business process risk at design time and (ii) computing security and trust metrics at run time on business process orchestrations. In particular, the study focuses on a priori metrics applied to behavioral specifications of business processes (e.g., business rules and UML 2.0/UMM diagrams) and on run-time metrics applied to the high-level e-services composing them. Design-time metrics deal with the risk connected to information leakage (including privacy-related concerns) and to other disclosure threats, while run-time service-oriented metrics treat security as a Quality of Service, and therefore include factors like trustworthiness, completeness, and correctness of the services composing the business process when deployed on a Service-Oriented Architecture (SOA).