Title :
Modelling Quality of Protection in Outsourced Business Processes
Author :
Massacci, Fabio ; Yautsiukhin, Artsiom
Author_Institution :
Univ. of Trento, Trento
Abstract :
There is a large number of research papers and standards dedicated to security for outsourced data. Yet, most papers propose new controls to access and protect the data rather than to assess the level of assurance of the whole process that is currently deployed. The main contributions of the paper is an approach for aggregating security properties of individual tasks of a complex business process in order to receive the level of assurance provided by the whole process. The approach takes into account the fact that some tasks of a business process may be outsourced and thus account for not very reliable partners. The approach chooses the concrete business process offering the highest assurance among several possible design alternatives by building an optimal hyper-path traversing the business process.
Keywords :
business data processing; outsourcing; security of data; access controls; complex business process; data security; outsourced business process; protection quality modelling; Appraisal; Buildings; Companies; Concrete; Data security; Information security; Outsourcing; Protection; Service oriented architecture; Technology management;
Conference_Titel :
Information Assurance and Security, 2007. IAS 2007. Third International Symposium on
Conference_Location :
Manchester
Print_ISBN :
0-7695-2876-7
Electronic_ISBN :
978-0-7695-2876-2
DOI :
10.1109/IAS.2007.70
