Security Requirements Elicitation from Airline Turnaround Processes

Security risk management is an important part of system development. Given that a majority of modern organizations rely heavily on information systems, security plays a big part in ensuring smooth operations of business processes. For example, many people rely on e-services offered by banks and medical establishments. Inadequate security measures in information systems have unwanted effects on an organization’s reputation and on people’s lives. This case study paper targets the secure system development problem by suggesting the application of security requirements elicitation from business processes (SREBP). This approach provides business analysts with means to elicit and introduce security requirements to business processes through the application of the security risk-oriented patterns (SRPs). These patterns help find security risk occurrences in business processes and present mitigations for these risks. At the same time, they reduce the efforts needed for risk analysis. In this paper, the authors report their experience to derive security requirements for mitigating security risks in the distributed airline turnaround Systems

Criteria and Heuristics for Business Process Model Decomposition - Review and Comparative Evaluation

It is generally agreed that large process models should be decomposed into sub-processes in order to enhance understandability and maintainability. Accordingly, a number of process decomposition criteria and heuristics have been proposed in the literature. This paper presents a review of the field revealing distinct classes of criteria and heuristics. The study raises the question of how different decomposition heuristics affect process model understandability and maintainability. To address this question, an experiment is conducted where two different heuristics, one based on breakpoints and the other on data objects, were used to decompose a flat process model. The results of the experiment show that, although there are minor differences, the heuristics cause very similar results in regard to understandability and maintainability as measured by various process model metrics

The unified enterprise modelling language – Overview and further Work

ISBN 978-1-1234-7890-2/08International audienceThe Unified Enterprise Modelling Language (UEML) aims to support integrated use of enterprise and IS models expressed in a variety of languages. The achieve this aim, UEML provides a hub through which different languages can be connected, thereby paving the way for connecting the models expressed in those languages. UEML offers a structured approach to describing enterprise and IS modelling constructs, a common ontology to interrelate construct descriptions at the semantic level, a correspondence analysis approach to estimate semantic construct similarity, a quality framework to aid selection of languages, a meta-meta model to organise the UEML and a set of tools to aid its use. This paper presents an overview of UEML and points to paths for further work