ResearchBib Share Your Research, Maximize Your Social Impacts
Sign for Notice Everyday Sign up >> Login

SAPAIS 2012 - International Workshop on Security Aspects of Process-aware Information Systems (SAPAIS)

Date2012-08-20

Deadline2012-03-01

VenuePrague, Czech Republic Czech Republic

Keywords

Websitehttps://www.ares-conference.eu/conf

Topics/Call fo Papers

Business processes are an important source for the engineering of
customized software systems and are constantly gaining attention in
the area of software engineering as well as in the area of information
and system security. A process-aware information system (PAIS) provides
support for the specification, execution, and/or monitoring of intra-
as well as inter-organizational business processes.

In this context, a complete and correct mapping of process definitions
and related security policies to the corresponding software system is
essential in order to assure consistency between the modeling-level
specifications on the one hand, and the software system that actually
manages corresponding process instances and enforces the respective
policies on the other. The demand to ensure that runtime process
instances comply with modeling-level processes and policies becomes
even more pressing with recent laws and regulations such as the
Sarbanes-Oxley Act (SOX), the Health Insurance Portability and
Accountability Act (HIPAA), or the Basel II Accord. Moreover,
corresponding compliance requirements also arise from security
recommendations and standards such as the NIST security handbook, the
NIST recommended security controls, the ISO 27000 standard family
(formerly ISO 17799), legally binding agreements such as business
contracts, or company-specific (internal) rules/regulations. This
workshop is concerned with the different security aspects of
process-aware information systems - including authentication,
authorization, audit, availability, confidentiality, integrity, and
privacy aspects.

Topics

Suggested topics include, but are not limited to:
- Requirements engineering for security aspects of PAIS
- Modeling-level support for security aspects of PAIS
- Implementation experiences for security aspects of PAIS
- Security aspects of SOA-based PAIS
- Integration of PAIS security aspects in the development process
- Monitoring security aspects of PAIS
- Testing security aspects of PAIS
- Usability aspects of secure PAIS
- Change management for security aspects of PAIS
- Lessons learned and case studies

Last modified: 2011-11-16 20:29:46