Security in the Context of Business Processes: Thoughts from a System Vendor’s Perspective

By Achim D. Brucker.

Enterprise systems in general and process aware systems in particular are storing and processing the most critical assets of a company. To protect these assets, such systems need to implement a multitude of security properties. Moreover, such systems need often to comply to various compliance regulations.

In this keynote, we present process-level security requirements as well as discuss the gap between the ideal world of process-aware information systems and the real world. We conclude our presentation by discussing several research challenges in the area of verifiable secure process aware information systems.

Please cite this work as follows:
A. D. Brucker, “Security in the context of business processes: Thoughts from a system vendor’s perspective,” presented at the Dagstuhl seminar 13341 “verifiably secure process-aware information systems,” Dagstuhl, Germany, Aug. 19, 2013. Invited Keynote.. Author copy: http://logicalhacking.com/publications/talk-brucker-security-process-systems-2013/

BibTeX
@Unpublished{ talk:brucker:security-process-systems:2013,
  date              = {2013-08-19},
  title             = {Security in the Context of Business Processes: Thoughts from
                       a System Vendor's Perspective},
  author            = {Achim D. Brucker},
  venue             = {Dagstuhl, Germany},
  year              = {2013},
  note              = {Invited Keynote.. 
                       Author copy: \url{http://logicalhacking.com/publications/talk-brucker-security-process-systems-2013/}},
  slideshare        = {26209285},
  slideshare_width  = {427},
  slideshare_height = {356},
  eventtitle        = {Dagstuhl Seminar 13341 ``Verifiably Secure Process-Aware
                       Information Systems''},
  abstract          = {Enterprise systems in general and process aware systems in
                       particular are storing and processing the most critical assets
                       of a company. To protect these assets, such systems need to
                       implement a multitude of security properties. Moreover, such
                       systems need often to comply to various compliance
                       regulations.
                       
                       In this keynote, we present process-level security
                       requirements as well as discuss the gap between the ideal
                       world of process-aware information systems and the real world.
                       We conclude our presentation by discussing several research
                       challenges in the area of verifiable secure process aware
                       information systems.},
  areas             = {software},
}