The Institute of Computer Science and the research group business information systems have the pleasure to invite all interested researchers and students to a guest lecture on „Eliciting Security Requirements from Business Processes Using Security Risk-oriented Patterns“. Lecturer is Assoc. Prof. Dr. Raimundas Matulevicius, University of Tartu, Estonia. The lecture is scheduled for Thursday, April 30th, 9-11 in room 037, Albert-Einstein-Str. 22. It is part of the teaching module on enterprise modeling.
Abstract: Business process modelling and security engineering are two important concerns when developing information systems. However current practices report that security is addressed at the later development stages (i.e. design and implementation). This raises a question whether the business processes are performed securely. In the guest lecture, a method is presented which elicits security requirements from business processes and includes the collaboration between business and security analysts. To support this collaboration a set of security risk-oriented patterns is applied.