The Process of Engineering of Security of Information Systems (ESIS): The Formalism of Business Processes

Goudalo, Wilson; Seret, Dominique

doi:10.1109/securware.2009.24

Cited by 4 publications

(2 citation statements)

References 8 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…The harmonious process brings the answer, dealing with company issues that are human, financial, branding, regulatory and legal. Goudalo and Seret (Goudalo, 2009) define the process for the engineering of security of enterprise information systems in seven major activities designated by the term Security Acts. The first two of them (Identifying business assets and Defining security goals to achieve) assess security needs on corporate assets.…”

Section: Security and Privacy Modelsmentioning

confidence: 99%

See 1 more Smart Citation

Towards Advanced Enterprise Information Systems Engineering - Solving Resilience, Security and Usability Issues within the Paradigms of Socio-Technical Systems

Goudalo¹,

Kolski

2016

Proceedings of the 18th International Conference on Enterprise Information Systems

Self Cite

View full text Add to dashboard Cite

Resilience and Security are very important attributes for most enterprise Information Systems (IS). These systems have human users with various capabilities, experiences and behaviors. Therefore, they have to be resilient, secure and usable. Resilience requires the capacity to prepare and adapt, facing perpetuating evolutionary conditions, and to restore full capability after an incident or an attack. We track and solve Resilience, Security and Usability issues jointly in Enterprise IS. This challenge requires considering the ergonomics of interactions, effectiveness and efficiency of the task realization, user satisfaction, and trust as well as human feelings when using the secure services. In this paper, we propose an approach based on paradigms of socio-technical systems to model the interplay between resilience, security and usability. We detail a case study illustrating the proposed approach and detailing the elaboration of user-experience-based design patterns.

show abstract

Section: Security and Privacy Modelsmentioning

confidence: 99%

“…In the case of Information system and the extended enterprise, initiatives have evolved into guaranteeing security strategy in depth. To improve the security strategy in depth, Goudalo and Seret (Goudalo, 2008) proposed a methodological approach that operates on building a membership canvas of all stakeholders of the company.…”

Section: Introductionmentioning

confidence: 99%