A Valid BPMN Extension for Supporting Security Requirements Based on Cyber Security Ontology

Chergui, Mohamed; Benslimane, Sidi Mohamed

doi:10.1007/978-3-030-00856-7_14

Cited by 12 publications

(5 citation statements)

References 19 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

Section: Discussionmentioning

confidence: 99%

“…Due to the importance of quality scenarios, including availability and security, in the business of alliances of organizations, M-PoP needs still to be extended by incorporating such Leveraging the systematic modeling of PoP quality issues. For this, it is necessary first to explore studies on security in traditional business processes, such as (Chergui and Benslimane, 2018;Pullonen et al, 2017;Witti et al, 2018), extend them properly to address security scenarios in the PoP context, and, finally, incorporate the outcomes into the M-PoP modeling rules. Another future work is the conduction of more case studies and/or experiments, considering different academic and real-world scenarios in diverse application domains and contexts that could provide an amount of data, generalization of results, as well as improvements in M-PoP.…”

Section: Threats To Validitymentioning

confidence: 99%

See 1 more Smart Citation

M-PoP: leveraging the systematic modeling of processes-of-business processes

Cagnin

Nakagawa

2022

BPMJ

View full text Add to dashboard Cite

PurposeThis paper presents M-PoP, a method to model large, complex, and dynamic business processes. These processes have sometimes resulted from alliances of organizations (i.e. joint ventures and mergers and acquisitions) and are referred to as Processes-of-Business Processes (PoP). Due to the difficulty of modeling these dynamic processes, alliances of organizations have often lost opportunities, competitiveness, and profitability, so requiring suitable modeling methods.Design/methodology/approachThe authors proposed M-PoP that can model PoP through three views in different abstraction levels and using well-known techniques in industry and academia, mainly those from Business Process Model and Notation (BPMN). For this, M-PoP presents three main steps: identification of PoP elements, modeling of PoP, and verification of PoP models. To evaluate M-PoP, we applied it in a real-world business process in the health domain.FindingsThe evaluation results point out the capability and viability of M-PoP to deal with dynamic business processes.Research limitations/implicationsM-PoP still needs to be applied in various real-world scenarios to gather evidence of its productivity, efficiency, and scalability.Practical implicationsThis novel method could change the way organizations model their business processes and, as a consequence, it could leverage strategic business opportunities.Originality/valueM-PoP is the first method that makes it possible to model large and complex business processes and, most importantly, dynamic processes.

show abstract

Section: Discussionmentioning

confidence: 99%

Section: Threats To Validitymentioning

confidence: 99%

M-PoP: leveraging the systematic modeling of processes-of-business processes

Cagnin

Nakagawa

2022

BPMJ

View full text Add to dashboard Cite

show abstract

“…Another example is that of Neumann et al (2019) who applied their extension to the process of cataract surgery in the university hospital Leipzig but the extension can be used in any hospital. Furthermore, several authors like Maines et al (2016) and Chergui and Benslimane (2018) have put into practice their extensions for experimentations.…”

Section: 6mentioning

confidence: 99%

A systematic literature review on BPMN extensions

Zarour

Benmerzoug

Guermouche

et al. 2019

BPMJ

View full text Add to dashboard Cite

Purpose Business Process Model and Notation (BPMN) is a generic language that is often extended by researchers, either for dealing with processes of specific domains or for improving the language itself. The purpose of this paper is to present a literature review that aims to determine the current state of the art of BPMN extensions and identify the gaps that should be filled in this research area. Design/methodology/approach For a comprehensive and effective analysis, a systematic literature review was conducted. After the collection and filtering of papers, 52 extensions were retained to be thoroughly examined and compared according to a set of criteria including objective, targeted domain, conformity to the extension mechanism, demonstration, implementation, etc. Findings The representation of the results in the form of tables and graphs allowed the authors to deduce several positive points on the extensions as their demonstration through concrete examples. On the other hand, the authors have observed several shortcomings and suggested recommendations for addressing them. Originality/value To the best of the authors’ knowledge, the literature review is the only one that evaluates and compares all BPMN extensions over the last four years, based on several criteria covering different aspects. Furthermore, the authors were able to verify the conformity of extensions as they were published after the introduction of the BPMN extension mechanism by the Object Management Group.

show abstract

“…In [16], Salnitri et al propose the SecBPMN-Q query language for representing security policies and a query engine that enables checking SecBPMN-Q policies against SecBPMN-ml specifications. Some works are specifically related to the definition of extensions of BPMN to represent cyber security requirements [7,10]. In [9], the authors investigate a new approach to modeling security and propose a solution to include all concepts potentially modelable in BPMN related to cyber security.…”

Section: Related Work and Conclusionmentioning

confidence: 99%

Achieving GDPR Compliance of BPMN Process Models

Agostinelli

Maggi

Marrella

et al. 2019

Lecture Notes in Business Information Processing

View full text Add to dashboard Cite

In an increasingly digital world, where processing and exchange of personal data are key parts of everyday enterprise business processes (BPs), the right to data privacy is regulated and actively enforced in the Europe Union (EU) through the recently introduced General Data Protection Regulation (GDPR), whose aim is to protect EU citizens from privacy breaches. In this direction, GDPR is highly influencing the way organizations must approach data privacy, forcing them to rethink and upgrade their BPs in order to become GDPR compliant. For many organizations, this can be a daunting task, since little has been done so far to easily identify privacy issues in BPs. To tackle this challenge, in this paper, we provide an analysis of the main privacy constraints in GDPR and propose a set of design patterns to capturing and integrating such constraints in BP models. Using BPMN (Business Process Modeling Notation) as modeling notation, our approach allows us to achieve full transparency of privacy constraints in BPs making it possible to ensure their compliance with GDPR.

show abstract

A Valid BPMN Extension for Supporting Security Requirements Based on Cyber Security Ontology

Cited by 12 publications

References 19 publications

M-PoP: leveraging the systematic modeling of processes-of-business processes

M-PoP: leveraging the systematic modeling of processes-of-business processes

A systematic literature review on BPMN extensions

Achieving GDPR Compliance of BPMN Process Models

Contact Info

Product

Resources

About