Eliciting security requirements for business processes of legacy systems

Argyropoulos, Nikolaos, Alcañiz, Luis Márquez, Mouratidis, Haralambos, Fish, Andrew, Rosado, David G., de Guzmán, Ignacio García-Rodriguez and Fernandez-Medina, Eduardo (2015) Eliciting security requirements for business processes of legacy systems In: The Practice of Enterprise Modeling, Valencia, Spain, November 10-12, 2015.

[img] Text
POEM2015.pdf - Accepted Version
Restricted to Registered users only

Download (882kB)

Abstract

The modernisation of enterprise legacy systems, without compromises in their functionality, is a demanding and time consuming endeavour. To retain the underlying business behaviour during their modernisation, the MARBLE framework has been developed for the extraction of business process models from their source code. Building on top of that work, in this paper we propose an integrated approach for transforming the extracted legacy process models into Secure Tropos goal models. Such models facilitate the elicitation of security requirements in a high level of abstraction, which are then incorporated back into the process models of the modernised systems as security features. Therefore high level models can be derived from legacy source code with minimal manual intervention, where security can be elaborated by non-technical stakeholders in alignment with organisational objectives.

Item Type: Contribution to conference proceedings in the public domain ( Full Paper)
Subjects: G000 Computing and Mathematical Sciences > G600 Software Engineering > G610 Software Design
G000 Computing and Mathematical Sciences > G600 Software Engineering
G000 Computing and Mathematical Sciences > G500 Information Systems
DOI (a stable link to the resource): 10.1007/978-3-319-25897-3_7
Depositing User: Converis
Date Deposited: 08 Feb 2017 03:01
Last Modified: 08 Feb 2017 09:27
URI: http://eprints.brighton.ac.uk/id/eprint/16466

Actions (login required)

View Item View Item

Downloads

Downloads per month over past year