Cybersecurity Evaluation of Enterprise Architectures: The e-SENS Case

Pavleska, Tanja; Aranha, Helder; Masi, Massimiliano; Grandry, Eric; Sellitto, Giovanni Paolo

doi:10.1007/978-3-030-35151-9_15

Cited by 10 publications

(3 citation statements)

References 10 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Further research and efforts from the side of government actors are needed to successfully implement the OOP across borders. The TOOP project provides a great federated architecture [28,44] for enabling the provision of OOP solutions across borders. This architecture is picked up and further developed in the DE4ALL project [8].…”

Section: Discussionmentioning

confidence: 99%

Once-Only Principle Good Practices in Europe

Wimmer

2021

The Once-Only Principle

View full text Add to dashboard Cite

Digital transformation has become a recent keyword in the evolution of public sector modernization through the once-only principle (OOP). The once-only principle is among the seven driving principles in the eGovernment Action Plan 2016–2020 of the European Commission (EC). It requires that citizens and businesses need not to provide the same data to governments if that data is already in their hands. The ultimate goal of the principle is to reduce administrative burden and to simplify public service provisioning therewith also reducing costs and improving public service. To boost developments towards administrative burden reduction and simplification in public service provisioning, the SCOOP4C project has investigated good practice solutions across Europe. In this contribution, we provide an overview of good practice OOP cases and OOP enablers studied in the project, followed by a synthesis of the benefits and key enablers to boost the OOP implementation across Europe.

show abstract

Section: Discussionmentioning

confidence: 99%

Once-Only Principle Good Practices in Europe

Wimmer

2021

The Once-Only Principle

View full text Add to dashboard Cite

show abstract

“…Ebbers et al [29] use EA models to aggregate vulnerabilities from assets to a level of relevance for the management. Lastly, Pavleska et al [34] took EA models in a health context and transferred them by hand to securiCAD to perform security analysis. Similarly, Jiang et al [35] did with models from the power domain.…”

Section: Related Workmentioning

confidence: 99%

Analyzing Enterprise Architecture Models by Means of the Meta Attack Language

Aldea

Hacks

2022

Advanced Information Systems Engineering

View full text Add to dashboard Cite

The digital transformation exposes organizations to new threats endangering their business. A way to uncover these threats is threat modeling and attack simulations. However, modeling an entire organization by hand is time consuming and error prone. Therefore, we propose to reuse Enterprise Architecture (EA) models. In this work, we propose a mapping from ArchiMate, a common EA modeling language, to coreLang, a threat modeling language, and use the resulting models to perform attack simulations to foresee possible attack paths. Then, we play back the results of the attack simulations to the EA model and complete the round-trip. To demonstrate our approach, we developed a prototype performing the transformation from ArchiMate to coreLang and applied our approach to the well-known ArchiSurance example.

show abstract

“…In an analysis of drivers and barriers for OOP implementation in the SCOOP4C project, trust is stressed as underlying condition [12], [38], [39]. In the TOOP project, trust is addressed with a technical approach by defining a trust architecture as part of the system design [40], [41]. In a broader perspective, TOOP also links the question of trust to the organizational culture of government agencies.…”

Section: Political Significance Of Data-driven Transformation With Th...mentioning

confidence: 99%

Approaches to Good Data Governance in Support of Public Sector Transformation Through Once-Only

Wimmer¹,

Neuroni²,

Frecè³

2020

Lecture Notes in Computer Science

View full text Add to dashboard Cite

The Once Only Principle (OOP) drives current public sector modernization through the reduction of administrative burdens. It requires public authorities not to ask citizens and companies to repeatedly provide information to the public authorities. Instead, public authorities shall share and re-use data among themselves in due respect of data protection regulation. The sharing and re-use of sensitive and non-sensitive data among public administrations demands for broad acceptance by all stakeholders. Trust and transparency are key success criteria in such data-driven public sector transformation. Establishing proper governance mechanisms for the data infrastructures that enable the sharing and reuse in public service provisioning, and that provide the necessary transparency and trust levels is expected to effectively improve public service. This research investigates approaches for establishing a good data governance in OOP settings tackling the sharing and re-use of sensitive or personal data. Geographical focus is on the European Union and Switzerland.

show abstract

Cybersecurity Evaluation of Enterprise Architectures: The e-SENS Case

Cited by 10 publications

References 10 publications

Once-Only Principle Good Practices in Europe

Once-Only Principle Good Practices in Europe

Analyzing Enterprise Architecture Models by Means of the Meta Attack Language

Approaches to Good Data Governance in Support of Public Sector Transformation Through Once-Only

Contact Info

Product

Resources

About