Enterprise Modeling and Information Security
Current business process modeling approaches are well appropriate for showing the sequence of activities. They are less suitable for reflecting information flows. However, to reason about information security, the reflection of information flows is an essential instrument for analyzing the way how information shall be organized with respect to the security. While the security refers not only to the technical devices and access rights in databases, also the enterprise models that reflect organizational structure (including particular individuals), technical architecture, information architecture, and relationships between aforementioned models are useful to identify and use different patterns that reflect the need for caring for security and the corresponding methods of establishing the requested level of security. Several security patterns prescribed by SREBP approach will be presented and analyzed in the context of enterprise models.
Lecture at NEMO2015
Date/Time: Friday, July 31, 2015 at 11:00