A language for multi-perspective modelling of IT security: Objectives and analysis of requirements

Anat Goldstein, Ulrich Frank

Research output: Chapter in Book/Report/Conference proceedingConference contributionpeer-review

6 Scopus citations

Abstract

Effectively protecting information systems is a pivotal responsibility of (IT) management, which faces many challenges: technological complexities, business complexities, various stakeholders and conflicting requirements. Yet, there is no holistic modelling approach that comprehensively addresses all these challenges, while accounting for technical, organizational and business aspects. This paper analyzes the requirements of such a comprehensive modelling method for IT security design and management. We argue that enterprise modelling is most suitable to serve as a foundation for such an approach. We apply a method for developing domain specific modelling languages (DSML) that is chiefly based on a structured analysis of use scenarios including prototypical diagrams. It is supplemented by requirements found in literature. Our analysis results in 23 requirements that should be satisfied by the targeted modelling method. These results are intended to serve as a foundation for discussion and discursive evaluation by peers and domain experts.

Original languageEnglish
Title of host publicationBusiness Process Management Workshops - BPM 2012 International Workshops, Revised Papers
PublisherSpringer Verlag
Pages636-648
Number of pages13
ISBN (Print)9783642362842
DOIs
StatePublished - 1 Jan 2013
Externally publishedYes
EventInternational Workshop on Business Process Management, BPM 2012 - Tallinn, Estonia
Duration: 3 Sep 20123 Sep 2012

Publication series

NameLecture Notes in Business Information Processing
Volume132 LNBIP
ISSN (Print)1865-1348

Conference

ConferenceInternational Workshop on Business Process Management, BPM 2012
Country/TerritoryEstonia
CityTallinn
Period3/09/123/09/12

Keywords

  • DSML
  • enterprise modeling
  • information security
  • IT security
  • MEMO

ASJC Scopus subject areas

  • Management Information Systems
  • Control and Systems Engineering
  • Business and International Management
  • Information Systems
  • Modeling and Simulation
  • Information Systems and Management

Fingerprint

Dive into the research topics of 'A language for multi-perspective modelling of IT security: Objectives and analysis of requirements'. Together they form a unique fingerprint.

Cite this