Socio-Technical Systems (STSs) are complex systems composed of both social (i.e., humans and organizations) and technical (i.e., hardware and software) elements. Security requirements for STSs define constraints for the sociotechnical interactions and can be specified as a set of security policies that have to be satisfied by the components of the system during their interactions. In this paper, we present how security requirements molded in STS-ml are transformed in security policies expressed in SecBPMN, an extension of BPMN with security annotations
Transforming Socio-Technical Security Requirements in SecBPMN Security Policies
Salnitri, Mattia;Giorgini, Paolo
2014-01-01
Abstract
Socio-Technical Systems (STSs) are complex systems composed of both social (i.e., humans and organizations) and technical (i.e., hardware and software) elements. Security requirements for STSs define constraints for the sociotechnical interactions and can be specified as a set of security policies that have to be satisfied by the components of the system during their interactions. In this paper, we present how security requirements molded in STS-ml are transformed in security policies expressed in SecBPMN, an extension of BPMN with security annotationsFile in questo prodotto:
| File | Dimensione | Formato | |
|---|---|---|---|
|
istar-1-2014.pdf
accesso aperto
Tipologia:
Versione editoriale (Publisher’s layout)
Licenza:
Tutti i diritti riservati (All rights reserved)
Dimensione
1.29 MB
Formato
Adobe PDF
|
1.29 MB | Adobe PDF | Visualizza/Apri |
I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione
