Thursday, 25 November 2010

Summary of "Secure Business Process Management: A Roadmap"

It is a paper by Thomas Neubauer, Markus Klemen and Stefan Biffl from the Institute of Software Technology and Interactive Systems at the Vienna University of Technology, Austria.

After defining "Secure Business Process Management" (SBPM), the authors argue as follows. The BPM life cycle consists of analyzing, optimizing and designing the business process in accordance with the business strategy; allocating applications and employees; implementing and executing the processes to support information exchange; and monitoring and aggregating operational data for the purpose of decision making and continuous improvement. SBPM should therefore follow the same life cycle, with security present throughout.



The paper presents the idea that security should begin with strategy definition and be developed in parallel with the business process.
The authors then say that security measures should be modeled in the same BPM diagram. After that, they present the idea that security should be valued based on the business process.
Finally, they present the idea of the business cockpit, where monitoring should occur, as security needs to be monitored along with the business process.

This paper defined Secure Business Process Management and presented a research roadmap for this field. Compared to existing approaches, the idea presented in this paper allows the alignment and integrated design of business processes and security objectives over the whole life cycle of a business process. The extension of existing BPM methodologies allows reducing the gap between IT security and business activities using a combined business-driven top-down approach.
