It is a paper
done by Thomas Neubauer, Markus Klemen, Stefan Biffl from the Institute
of Software Technology and Interactive Systems in Vienna University of
Technology, in Austria.
After they defined what is
”Secure Business Process Management”, they said that if the BPM life
cycle consist of analyzing, optimizing and designing the business
process in accordance with the business strategy, allocating
applications and employees, implementing and executing the processes to
support information exchange, monitoring and aggregating operational
data for the purpose of decision making and continuous improvement. then
so SBPM should take the same life cycle and Security should be
presented the whole time.
The paper present an
idea that Security should begin with strategy definition, and Security
should be developed in parallel with the business process.
Then
they say that Security measures should be modeled in the same BPM
diagram.
after that they presented the idea that security should be valued based
on the business process.
finally the idea of the business
cockpit, where the monitoring should occur as security need to be
monitored along with the business process.
This paper defined Secure Business Process Management and presented a
research
roadmap for this field. Compared to existing approaches the idea
presented in this paper allows the alignment and integrated design of
business processes and security objectives over the whole life cycle of a
business process. The extension of existing BPM methodologies allows
reducing the gap between IT- security and business activities using a
combined business driven top down approach.
No comments:
Post a Comment