Modeling Wizard for Confidential Business Processes

Lehmann, Andreas; Lohmann, Niels

doi:10.1007/978-3-642-36285-9_67

Cited by 4 publications

(1 citation statement)

References 22 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…(Accorsi et al, 2011a), (Accorsi et al, 2011b), (Accorsi et al, 2012), (Fenz et al, 2009), , (Lehmann et al, 2013), and (Lohmann et al, 2009)) and confidentiality determination methods implemented as part of different risk assessment methods (e.g., NIST (Barker et al, 2008a), Magerit (Spanish Ministry for Public Administrations, 2006), and Mehari (CLUSIF, 2010)). When dealing with confidentiality requirements in business processes one of the first decisions to make is the level to which each asset should be protected.…”

Section: Related Workmentioning

confidence: 99%

How to Assess Confidentiality Requirements of Corporate Assets?

Cervantes

Fenz

2014

IFIP Advances in Information and Communication Technology

View full text Add to dashboard Cite

Confidentiality is an important property that organizations relying on information technology have to preserve. The purpose of this work is to provide a structured approach for identifying confidentiality requirements. A key step in the information security risk management process is the determination of the impact level arisen from a loss of confidentiality, integrity or availability. We deal here with impact level determination regarding confidentiality by proposing a method to calculate impact levels based on the different kind of consequences typically arisen from threats. The proposed approach assesses the impact arisen from confidentiality losses on different areas separately and uses a parameterized model that allows organizations to adjust it according to their specific needs. A validation of the developed approach has been conducted in a small software development company.

show abstract