MODELLING E-BUSINESS SECURITY USING BUSINESS PROCESSES

Abstract: Organisations (enterprises, businesses, government institutions, etc.) have changed their way of doing business from a traditional approach to embrace e-business processes. This change makes the perimeter security approach inappropriate for such organisations. The well-known and widely used security mechanisms, including cryptography-based tools and techniques, cannot provide a sufficient level of security without being a part of a comprehensive organisational approach/philosophy. This approach must be different from the current dominant approach, i.e. perimeter security, and must focus on different organisational components. In this paper we suggest a process security approach, and describe ongoing research with the aim of developing an e-business security model based on this new, process security, approach.