Enterprise Modeling and Information Security
Riga Technical University, Latvia
Regarding information security, the role of enterprise models is twofold: (1) the enterprise models can reflect information about security solutions in enterprise information systems and (2) the enterprise models, at the meta-level, is information that has to be properly managed from the point of view of security, i.e., it has to be clear how availability, confidentiality and other security related factors are handled with respect to particular models. To illustrate how enterprise models can be used in caring for security in information systems, several security requirements patterns will be discussed focusing on the relationships between the information flow in the patterns and the corresponding enterprise model elements. The issues of enterprise model security, at the meta-level, will be explained using the FREEDOM framework, which has been developed for continuous requirements engineering. The framework concerns As-Is and To-Be enterprise models that are used in such functions as requirements engineering, fulfillment engineering, design and development, operations, and management.
Lecture at NEMO2018
Date/Time: Thursday, July 26, 2018 at 16:30