Improvement of IT-Security in Enterprises based on Process Analysis and Risk Patterns (ITSE)
The importance of introducing security engineering practices early in the development cycle has been acknowledged, however it has been over-sighted in business processes. The recent approach for the security requirements elicitation from the business processes (SREBP) supports identification of the complete set of security requirements in an efficient way. This contributes to improved IT-security in enterprises and secured enterprise architectures. The main goal of the project is to transfer this approach to the practice of small and medium-sized enterprises (SME) and to incorporate it into enterprise architecture development cycle, creating a set of guidelines.
Read the complete project description in the PDF version of the project.