IoT Security Adoption into Business Processes: A Socio-Technical View

Recently, the Internet of Things (IoT) has gained huge focus and has led to the generation of valuable data to create new value propositions for organisations. It is important to explore the impact these developments have on our society. IoT security is identified as the key issue amongst all the IoT applications and presents numerous social and technical challenges. We conducted interviews with IoT experts and the results illustrated how holistic security issues in IoT are undermined and to further emphasize the importance of addressing these issues by accommodating security into IoT business processes. This approach facilitated the assessment and identification of security threats from both social and technical perspectives. Our outcome highlights that IoT security must be implemented into IoT aware business processes to make the technology human centered, despite the challenges involved

Designing business continuity response

Die rasch ändernden Risikobedingungen, mit denen sich Unternehmen heutzutage konfrontiert sehen, stellen Business Continuity und Resilience Verantwortliche vor neue Herausforderungen. Durch die zunehmende Abhängigkeit von Lieferanten und Geschäftspartnern sowie steigende Verfügbarkeitsanforderungen von Services wird es immer bedeutsamer, eine effektive und effiziente Reaktion auf Störungen und Ausfälle zur Verfügung zu stellen, um Ruf und Marke zu schützen sowie finanzielle Ziele zu erreichen. Da die Vorbereitung und Planung einer Reaktion auf unvorhergesehene Ereignisse äußerst kostenintensiv sein kann, ist es notwendig, die Vorteile eines effizienten Notfallmanagements (Business Continuity Managements) nachvollziehbar zu begründen. Der in dieser Arbeit vorgestellte Ansatz erweitert das Konzept des Risk-Aware Business Process Managements, um Auswirkungen von Workarounds und dynamischen Ressourcenzuweisungen zu analysieren. Die Ergebnisse dieser Analyse dienen als signifikanter Input für die Notfallplanung. Für die Evaluierung des Ansatzes wurde ein Simulink Prototyp entwickelt. Zusätzlich wird ein Metamodell zur Abbildung und Erfassung von Business Continuity Anforderungen, welches auf Basis der OpenModels Plattform umgesetzt worden ist, vorgestellt.Companies are increasingly confronted with fast-changing risk-situations, leading to substantial challenges for business continuity and resilience professionals. Furthermore, the growing availability needs and the dependence on providers and suppliers demand an effective and eficient response to disruptions and interruptions in order to protect the brand, reputation and financial objectives of an organization. As the preparation for ’expecting the unexpected’ can be very costly, it is essential to highlight the benefits and advantages brought by proper business continuity planning. This thesis contributes to current research ambitions by presenting a formal approach extending the capabilities of risk-aware business process management. Risk aware business process management in general bridges the gap between the business process management, risk management and business continuity management domain. The presented extension within the thesis enables the consideration of resource allocation aspects within the risk-aware business process modeling and simulation. Through this extension it is possible to evaluate the effects of workarounds and resource re-allocations which is one crucial part in business continuity plans. In order to test the feasibility we implemented a prototype of our formal model using Simulink. Additionally, in this work, we introduce a business continuity meta-model which is capable to capture essential business continuity requirements. The meta-model was implemented as a project within the OpenModels Initative

AMAN-DA : Une approche basée sur la réutilisation de la connaissance pour l'ingénierie des exigences de sécurité

In recent years, security in Information Systems (IS) has become an important issue that needs to be taken into account in all stages of IS development, including the early phase of Requirement Engineering (RE). Considering security during early stages of IS development allows IS developers to envisage threats, their consequences and countermeasures before a system is in place. Security requirements are known to be “the most difficult of requirements types”, and potentially the ones causing the greatest risk if they are not correct. Moreover, requirements engineers are not primarily interested in, or knowledgeable about, security. Their tacit knowledge about security and their primitive knowledge about the domain for which they elicit security requirements make the resulting security requirements poor and too generic.This thesis explores the approach of eliciting requirements based on the reuse of explicit knowledge. First, the thesis proposes an extensive systematic mapping study of the literature on the reuse of knowledge in security requirements engineering identifying the diferent knowledge forms. This is followed by a review and classification of security ontologies as the main reuse form.In the second part, AMAN-DA is presented. AMAN-DA is the method developed in this thesis. It allows the elicitation of domain-specific security requirements of an information system by reusing knowledge encapsulated in domain and security ontologies. Besides that, the thesis presents the different elements of AMANDA: (i) a core security ontology, (ii) a multi-level domain ontology, (iii) security goals and requirements’s syntactic models, (iv) a set of rules and mechanisms necessary to explore and reuse the encapsulated knowledge of the ontologies and produce security requirements specifications.The last part reports the evaluation of the method. AMAN-DA was implemented in a prototype tool. Its feasibility was evaluated and applied in case studies of three different domains (maritime, web applications, and sales). The ease of use and the usability of the method and its tool were also evaluated in a controlled experiment. The experiment revealed that the method is beneficial for the elicitation of domain specific security requirements, and that the tool is friendly and easy to use.Au cours de ces dernières années, la sécurité des Systèmes d'Information (SI) est devenue une préoccupation importante, qui doit être prise en compte dans toutes les phases du développement du SI, y compris dans la phase initiale de l'ingénierie des exigences (IE). Prendre en considération la sécurité durant les premieres phases du dévelopment des SI permet aux développeurs d'envisager les menaces, leurs conséquences et les contre-mesures avant qu'un système soit mis en place. Les exigences de sécurité sont connues pour être "les plus difficiles des types d’exigences", et potentiellement celles qui causent le plus de risque si elles ne sont pas correctes. De plus, les ingénieurs en exigences ne sont pas principalement intéressés à, ou formés sur la sécurité. Leur connaissance tacite de la sécurité et leur connaissance primitive sur le domaine pour lequel ils élucident des exigences de sécurité rendent les exigences de sécurité résultantes pauvres et trop génériques.Cette thèse explore l'approche de l’élucidation des exigences fondée sur la réutilisation de connaissances explicites. Tout d'abord, la thèse propose une étude cartographique systématique et exhaustive de la littérature sur la réutilisation des connaissances dans l'ingénierie des exigences de sécurité identifiant les diférentes formes de connaissances. Suivi par un examen et une classification des ontologies de sécurité comme étant la principale forme de réutilisation.Dans la deuxième partie, AMAN-DA est présentée. AMAN-DA est la méthode développée dans cette thèse. Elle permet l’élucidation des exigences de sécurité d'un système d'information spécifique à un domaine particulier en réutilisant des connaissances encapsulées dans des ontologies de domaine et de sécurité. En outre, la thèse présente les différents éléments d'AMAN-DA : (i) une ontologie de sécurité noyau, (ii) une ontologie de domaine multi-niveau, (iii) des modèles syntaxique de buts et d’exigences de sécurité, (iv) un ensemble de règles et de mécanismes nécessaires d'explorer et de réutiliser la connaissance encapsulée dans les ontologies et de produire des spécifications d’exigences de sécurité.La dernière partie rapporte l'évaluation de la méthode. AMAN-DA a été implémenté dans un prototype d'outil. Sa faisabilité a été évaluée et appliquée dans les études de cas de trois domaines différents (maritimes, applications web, et de vente). La facilité d'utilisation et l’utilisabilité de la méthode et de son outil ont également été évaluées dans une expérience contrôlée. L'expérience a révélé que la méthode est bénéfique pour l’élucidation des exigences de sécurité spécifiques aux domaines, et l'outil convivial et facile à utiliser

Effective communication of information security risk

Cloud computing enables location-independent access to data and plays a significant role in a “linked-up” healthcare environment. Having cloud computing can improve the availability of patient medical records but there is the need to have the right processes in place to realise the benefits of cloud-enabled services. Potential benefits include rapid provisioning and interconnectivity of electronic resources to enhance data availability, and big data analytics help analyse patient data to provide the right intervention to the right patient at the right time through linking the collaboration and communication among healthcare institutions in different locations. Assunção et al. (2015) provided a vision that cloud computing would become the fifth utility, which will offer essential computing services for daily use. Despite the known benefits of cloud computing, the Ministry of Health (MoH) in Oman is hesitant to adopt cloud computing in patient services in healthcare because of perceived risks. There is therefore the need to understand the perception of different types of risks in adopting cloud computing in healthcare in Oman, such as security, management, technical, legal, privacy and other types of risks. To this end, a preliminary interview was conducted with stakeholders and two sets of questionnaires were issued to public and healthcare professionals in order to understand their perception of the risks in adopting cloud computing as a service in healthcare. The findings identified data security, confidentiality, integrity and availability as primary concerns. Therefore, an effective methodology is required to manage those concerns. This research focuses on information security risk management within the healthcare industry. It introduces a methodology, Managing Security Risk-Business Process Modelling (MSR-BPM), as an approach to manage the identified risks. The MSR-BPM approach is built on ISO 27005 processes to help organisations prioritise, manage and treat the identified risks. The primary purpose is to enhance the communication of information security risk in healthcare processes, which can be improved by combining risk registers and business process modelling. A risk register documents the assessment of risk with appropriate countermeasures. BPM visualises the risks, activities, roles, security goals and countermeasures in the process models to promote a shared understanding of risks to decision makers and stakeholders. Finally, the MSR-BPM approach was evaluated through a scenario covering stages in the Integrated Care Pathway for breast cancer. This scenario was chosen because it has been used by previous researchers within the School of Computer Science and Informatics at Cardiff University. An evaluation that covered the set of ISO 27005 processes was produced to create a survey for experts in risk management, business process modelling and healthcare. The experts agreed that combining risk registers with business process modelling improved the communication of information security risk in healthcare processes when compared to using risk registers only