Architectural Alignment Of Access Control Requirements Extracted From Business Processes

Architectural Alignment of Access Control Requirements Extracted from Business Processes

Author : Pilipchuk, Roman

Publisher : KIT Scientific Publishing

Page : 366 pages

File Size : 22,35 MB

Release : 2023-01-27

Category : Computers

ISBN : 3731512122

Get eBook

Book Description

Business processes and information systems evolve constantly and affect each other in non-trivial ways. Aligning security requirements between both is a challenging task. This work presents an automated approach to extract access control requirements from business processes with the purpose of transforming them into a) access permissions for role-based access control and b) architectural data flow constraints to identify violations of access control in enterprise application architectures.





Context-based Access Control and Attack Modelling and Analysis

Author : Walter, Maximilian

Publisher : KIT Scientific Publishing

Page : 350 pages

File Size : 37,59 MB

Release : 2024-07-03

Category :

ISBN : 3731513625

Get eBook

Book Description

This work introduces architectural security analyses for detecting access violations and attack paths in software architectures. It integrates access control policies and vulnerabilities, often analyzed separately, into a unified approach using software architecture models. Contributions include metamodels for access control and vulnerabilities, scenario-based analysis, and two attack analyses. Evaluation demonstrates high accuracy in identifying issues for secure system development.



Architectural Data Flow Analysis for Detecting Violations of Confidentiality Requirements

Author : Seifermann, Stephan

Publisher : KIT Scientific Publishing

Page : 412 pages

File Size : 50,85 MB

Release : 2022-12-09

Category : Computers

ISBN : 3731512467

Get eBook

Book Description

Software vendors must consider confidentiality especially while creating software architectures because decisions made here are hard to change later. Our approach represents and analyzes data flows in software architectures. Systems specify data flows and confidentiality requirements specify limitations of data flows. Software architects use detected violations of these limitations to improve the system. We demonstrate how to integrate our approach into existing development processes.



Evaluating Architectural Safeguards for Uncertain AI Black-Box Components

Author : Scheerer, Max

Publisher : KIT Scientific Publishing

Page : 472 pages

File Size : 38,49 MB

Release : 2023-10-23

Category :

ISBN : 373151320X

Get eBook

Book Description

Although tremendous progress has been made in Artificial Intelligence (AI), it entails new challenges. The growing complexity of learning tasks requires more complex AI components, which increasingly exhibit unreliable behaviour. In this book, we present a model-driven approach to model architectural safeguards for AI components and analyse their effect on the overall system reliability.



Architecture-based Evolution of Dependable Software-intensive Systems

Author : Heinrich, Robert

Publisher : KIT Scientific Publishing

Page : 154 pages

File Size : 20,53 MB

Release : 2023-06-05

Category :

ISBN : 3731512947

Get eBook

Book Description

This cumulative habilitation thesis, proposes concepts for (i) modelling and analysing dependability based on architectural models of software-intensive systems early in development, (ii) decomposition and composition of modelling languages and analysis techniques to enable more flexibility in evolution, and (iii) bridging the divergent levels of abstraction between data of the operation phase, architectural models and source code of the development phase.



Consistent View-Based Management of Variability in Space and Time

Author : Ananieva, Sofia

Publisher : KIT Scientific Publishing

Page : 310 pages

File Size : 27,63 MB

Release : 2022-12-06

Category : Computers

ISBN : 3731512416

Get eBook

Book Description

Developing variable systems faces many challenges. Dependencies between interrelated artifacts within a product variant, such as code or diagrams, across product variants and across their revisions quickly lead to inconsistencies during evolution. This work provides a unification of common concepts and operations for variability management, identifies variability-related inconsistencies and presents an approach for view-based consistency preservation of variable systems.



A Reference Structure for Modular Model-based Analyses

Author : Koch, Sandro Giovanni

Publisher : KIT Scientific Publishing

Page : 398 pages

File Size : 48,26 MB

Release : 2024-04-25

Category :

ISBN : 3731513412

Get eBook

Book Description

In this work, the authors analysed the co-dependency between models and analyses, particularly the structure and interdependence of artefacts and the feature-based decomposition and composition of model-based analyses. Their goal is to improve the maintainability of model-based analyses. They have investigated the co-dependency of Domain-specific Modelling Languages (DSMLs) and model-based analyses regarding evolvability, understandability, and reusability.



COBIT 5 for Information Security

Author : ISACA

Publisher : ISACA

Page : 220 pages

File Size : 29,5 MB

Release : 2012

Category : Business & Economics

ISBN : 1604202548

Get eBook

Book Description

COBIT 5 provides a comprehensive framework that assists enterprises in achieving their objectives for the governance and management of enterprise IT. COBIT 5 enables IT to be governed and managed in a holistic manner for the entire enterprise, taking into account the full end-to-end business and IT functional areas of responsibility, considering IT-related interests of internal and external stakeholders.



Secure-by-Design Enterprise Architectures and Business Processes in Supply Chains. Handling Threats from Physical Transport Goods in Parcel Mail Services

Author : Michael Middelhoff

Publisher : Logos Verlag Berlin GmbH

Page : 272 pages

File Size : 26,48 MB

Release :

Category :

ISBN : 3832557083

Get eBook

Book Description

Supply chain security encompasses measures preventing theft, smuggling, and sabotage through heightened awareness, enhanced visibility, and increased transparency. This necessitates the adoption of a security-by-design paradigm to achieve effective and efficient security measures, yielding additional benefits such as diminished supply chain costs. Given their vulnerability, transportation and logistics service providers play a pivotal role in supply chain security. This thesis leverages systems security engineering and security-by-design to provide a methodology for designing and evaluating security measures for physical transport goods. It formulates nine principles that define security-by-design and establishes a supply chain security framework. An adaptation of the TOGAF architecture development facilitates the creation of secure-by-design enterprise architectures. Security measures are documented using security-enhanced processes based on BPMN. This enables an analysis and compliance assessment to ascertain the alignment of security with business objectives and the adequate implementation of requirements. The culmination of these efforts is exemplified through a case study.