Title :
A Formal Approach Enabling Risk-Aware Business Process Modeling and Simulation
Author :
Tjoa, S. ; Jakoubi, S. ; Goluch, G. ; Kitzler, G. ; Goluch, S. ; Quirchmayr, G.
Author_Institution :
St. Polten Univ. of Appl. Sci., St. Polten, Austria
Abstract :
The effective, efficient and continuous execution of business processes is crucial for meeting entrepreneurial goals. Business process modeling and simulation are used to enable desired business process optimizations. However, current approaches mainly focus on economic aspects while security aspects are dealt with in separate initiatives. This missing interconnection may lead to significant differences in improvement suggestions, such as the differing valuation of security investments (e.g., redundancy of systems). The major contribution of this paper is the introduction of a formal model that is capable of expressing the relations between threats, detection mechanisms, safeguards, recovery measures and their effects on business processes. This novel business process simulation capability paves the way for the evaluation of security investments at process design stage by allowing the consideration of stochastic influences of the occurrence of threats on process activities and resources in a unified way. A stylized business case outlines how our method can be applied to real world scenarios.
Keywords :
business data processing; economics; risk management; security of data; stochastic processes; business process modeling; business process optimization; economic aspects; entrepreneurial goal; risk awarenes; security investment; stochastic influence; Biological system modeling; Business continuity; Computational modeling; Risk management; Security; Unified modeling language; Business process reengineering; consulting and strategic planning; security enablement methods and tools.;
Journal_Title :
Services Computing, IEEE Transactions on
DOI :
10.1109/TSC.2010.17
