Business processes are essential instruments used for the coordination of organisational activities in order to produce value in the form of products and services. Information security is an important non-functional characteristic of business processes, because sensitive data is exchanged between their participants. Potential security shortfalls can therefore severely damage organisational reputation and customer trust, and cause compliance issues. Nevertheless, despite its importance, security is often regarded as a purely technical concern and treated as an afterthought during the design of information systems and the business processes they support.
Considering security during the early design stages of information systems is highly beneficial. Goal-oriented security requirements engineering approaches can contribute to the early elicitation of system requirements at a high level of abstraction and capture the organisational context and rationale behind design choices. Aligning such requirements with process activities at the operational level augments the traceability between system models of different abstraction levels and leads to more robust and context-aware operationalisations of security. Therefore, there needs to be a well-defined and verifiable interconnection between a system’s security requirements and its business process models.
This work introduces a framework for the design of secure business process models. It uses security-oriented goal models as its starting point to capture a socio-technical view of the system-to-be and its security requirements during its early design stages. Concept mappings and model transformation rules are also introduced as a structured way of extracting business process skeletons from such goal models, in order to facilitate the alignment between the two different levels of abstraction. The extracted business process skeletons are refined into complete business process models through the use of a set of security patterns, which standardise proven solutions to recurring security problems. Finally, the framework also offers security verification of the produced process models through the introduction of security-related attributes and model checking algorithms.
Evaluation of this work is performed through: (i) individual evaluation of its components via their application in real-life systems, (ii) a workshop-based modelling exercise in which participants used and evaluated parts of the framework, and (iii) a case study from the public administration domain in which the overall framework was applied in cooperation with stakeholders of the studied system. The evaluation indicated that the developed framework provides a structured approach which supports stakeholders in designing and evaluating secure business process models.