Modelling quality of protection in outsourced business processes

F. Massacci; A. Yautsiukhin

doi:10.1109/IAS.2007.70

Modelling quality of protection in outsourced business processes

Research output: Chapter in Book / Report / Conference proceeding › Conference contribution › Academic › peer-review

Abstract

There is a large number of research papers and standards dedicated to security for outsourced data. Yet, most papers propose new controls to access and protect the data rather than to assess the level of assurance of the whole process that is currently deployed. The main contributions of the paper is an approach for aggregating security properties of individual tasks of a complex business process in order to receive the level of assurance provided by the whole process. The approach takes into account the fact that some tasks of a business process may be outsourced and thus account for not very reliable partners. The approach chooses the concrete business process offering the highest assurance among several possible design alternatives by building an optimal hyperpath traversing the business process. © 2007 IEEE.

Original language	English
Title of host publication	Proceedings - IAS 2007 3rd Internationl Symposium on Information Assurance and Security
Pages	247-252
DOIs	https://doi.org/10.1109/IAS.2007.70
Publication status	Published - 2007
Externally published	Yes
Event	3rd Internationl Symposium on Information Assurance and Security, IAS 2007 - , United Kingdom Duration: 20 Aug 2007 → 31 Aug 2007

Publication series

Name	Proceedings - IAS 2007 3rd Internationl Symposium on Information Assurance and Security

Conference

Conference	3rd Internationl Symposium on Information Assurance and Security, IAS 2007
Country/Territory	United Kingdom
Period	20/08/07 → 31/08/07

Access to Document

10.1109/IAS.2007.70

Persistent URL (handle)

Persistent link

Cite this

@inproceedings{d0025545045d434da2d8e67ac451b2f5,

title = "Modelling quality of protection in outsourced business processes",

abstract = "There is a large number of research papers and standards dedicated to security for outsourced data. Yet, most papers propose new controls to access and protect the data rather than to assess the level of assurance of the whole process that is currently deployed. The main contributions of the paper is an approach for aggregating security properties of individual tasks of a complex business process in order to receive the level of assurance provided by the whole process. The approach takes into account the fact that some tasks of a business process may be outsourced and thus account for not very reliable partners. The approach chooses the concrete business process offering the highest assurance among several possible design alternatives by building an optimal hyperpath traversing the business process. {\textcopyright} 2007 IEEE.",

author = "F. Massacci and A. Yautsiukhin",

year = "2007",

doi = "10.1109/IAS.2007.70",

language = "English",

series = "Proceedings - IAS 2007 3rd Internationl Symposium on Information Assurance and Security",

pages = "247--252",

booktitle = "Proceedings - IAS 2007 3rd Internationl Symposium on Information Assurance and Security",

note = "3rd Internationl Symposium on Information Assurance and Security, IAS 2007 ; Conference date: 20-08-2007 Through 31-08-2007",

}

Massacci, F & Yautsiukhin, A 2007, Modelling quality of protection in outsourced business processes. in Proceedings - IAS 2007 3rd Internationl Symposium on Information Assurance and Security. Proceedings - IAS 2007 3rd Internationl Symposium on Information Assurance and Security, pp. 247-252, 3rd Internationl Symposium on Information Assurance and Security, IAS 2007, United Kingdom, 20/08/07. https://doi.org/10.1109/IAS.2007.70

Modelling quality of protection in outsourced business processes. / Massacci, F.; Yautsiukhin, A.
Proceedings - IAS 2007 3rd Internationl Symposium on Information Assurance and Security. 2007. p. 247-252 (Proceedings - IAS 2007 3rd Internationl Symposium on Information Assurance and Security).

Research output: Chapter in Book / Report / Conference proceeding › Conference contribution › Academic › peer-review

TY - GEN

T1 - Modelling quality of protection in outsourced business processes

AU - Massacci, F.

AU - Yautsiukhin, A.

PY - 2007

Y1 - 2007

N2 - There is a large number of research papers and standards dedicated to security for outsourced data. Yet, most papers propose new controls to access and protect the data rather than to assess the level of assurance of the whole process that is currently deployed. The main contributions of the paper is an approach for aggregating security properties of individual tasks of a complex business process in order to receive the level of assurance provided by the whole process. The approach takes into account the fact that some tasks of a business process may be outsourced and thus account for not very reliable partners. The approach chooses the concrete business process offering the highest assurance among several possible design alternatives by building an optimal hyperpath traversing the business process. © 2007 IEEE.

AB - There is a large number of research papers and standards dedicated to security for outsourced data. Yet, most papers propose new controls to access and protect the data rather than to assess the level of assurance of the whole process that is currently deployed. The main contributions of the paper is an approach for aggregating security properties of individual tasks of a complex business process in order to receive the level of assurance provided by the whole process. The approach takes into account the fact that some tasks of a business process may be outsourced and thus account for not very reliable partners. The approach chooses the concrete business process offering the highest assurance among several possible design alternatives by building an optimal hyperpath traversing the business process. © 2007 IEEE.

UR - https://www.scopus.com/pages/publications/46749114820

UR - https://www.scopus.com/inward/citedby.url?scp=46749114820&partnerID=8YFLogxK

U2 - 10.1109/IAS.2007.70

DO - 10.1109/IAS.2007.70

M3 - Conference contribution

T3 - Proceedings - IAS 2007 3rd Internationl Symposium on Information Assurance and Security

SP - 247

EP - 252

BT - Proceedings - IAS 2007 3rd Internationl Symposium on Information Assurance and Security

T2 - 3rd Internationl Symposium on Information Assurance and Security, IAS 2007

Y2 - 20 August 2007 through 31 August 2007

ER -

Modelling quality of protection in outsourced business processes

Abstract

Publication series

Conference

Access to Document

Persistent URL (handle)

Other files and links

Fingerprint

Cite this