• DocumentCode
    3366719
  • Title

    Modelling Quality of Protection in Outsourced Business Processes

  • Author

    Massacci, Fabio ; Yautsiukhin, Artsiom

  • Author_Institution
    Univ. of Trento, Trento
  • fYear
    2007
  • fDate
    29-31 Aug. 2007
  • Firstpage
    247
  • Lastpage
    252
  • Abstract
    There is a large number of research papers and standards dedicated to security for outsourced data. Yet, most papers propose new controls to access and protect the data rather than to assess the level of assurance of the whole process that is currently deployed. The main contributions of the paper is an approach for aggregating security properties of individual tasks of a complex business process in order to receive the level of assurance provided by the whole process. The approach takes into account the fact that some tasks of a business process may be outsourced and thus account for not very reliable partners. The approach chooses the concrete business process offering the highest assurance among several possible design alternatives by building an optimal hyper-path traversing the business process.
  • Keywords
    business data processing; outsourcing; security of data; access controls; complex business process; data security; outsourced business process; protection quality modelling; Appraisal; Buildings; Companies; Concrete; Data security; Information security; Outsourcing; Protection; Service oriented architecture; Technology management;
  • fLanguage
    English
  • Publisher
    ieee
  • Conference_Titel
    Information Assurance and Security, 2007. IAS 2007. Third International Symposium on
  • Conference_Location
    Manchester
  • Print_ISBN
    0-7695-2876-7
  • Electronic_ISBN
    978-0-7695-2876-2
  • Type

    conf

  • DOI
    10.1109/IAS.2007.70
  • Filename
    4299782
    • Link To Document
    https://search.isc.ac/dl/search/defaultta.aspx?DTC=49&DC=3366719