The Current State of the Holistic Privacy and Security Modelling Approach in Business Process and Software Architecture Modelling

“…Model-based security engineering: Model-based approaches cover risk assessment, attacker modeling and defensive architectures [6]. For example, Coras, Magerit and Mehari are model-based risk assessment methods.…”

An Asset-Based Assistance for Secure by Design

“…Model-based security engineering: Model-based approaches cover risk assessment, attacker modeling and defensive architectures [6]. For example, Coras, Magerit and Mehari are model-based risk assessment methods.…”

An Asset-Based Assistance for Secure by Design

“…Brucker et al, 2012;Ramadan et al, 2017) trying to align business processes and EAAs but they are hard to apply because of their complexity and usage of uncommon models (Kotusev, 2017). A literature review (Alpers et al, 2019) identified a gap in modeling confidentiality requirements holistically across business processes and EAAs. Hence, aligning EAAs with business processes by identifying violated business ACRs during the architectural design phase and evolution scenarios is vital.…”

“…Violating these obligations and policies can lead to high fines and lost assets. There is a gap in modeling confidentiality requirements holistically across business processes and EAAs (Alpers et al, 2019). Hence, aligning EAAs with business processes by identifying violated business access control requirements (ACRs) during the architectural design phase is vital.…”

Challenges in Aligning Enterprise Application Architectures to Business Process Access Control Requirements in Evolutional Changes