SAPAIS 2012 - International Workshop on Security Aspects of Process-aware Information Systems (SAPAIS)
Topics/Call fo Papers
Business processes are an important source for the engineering of
customized software systems and are constantly gaining attention in
the area of software engineering as well as in the area of information
and system security. A process-aware information system (PAIS) provides
support for the specification, execution, and/or monitoring of intra-
as well as inter-organizational business processes.
In this context, a complete and correct mapping of process definitions
and related security policies to the corresponding software system is
essential in order to assure consistency between the modeling-level
specifications on the one hand, and the software system that actually
manages corresponding process instances and enforces the respective
policies on the other. The demand to ensure that runtime process
instances comply with modeling-level processes and policies becomes
even more pressing with recent laws and regulations such as the
Sarbanes-Oxley Act (SOX), the Health Insurance Portability and
Accountability Act (HIPAA), or the Basel II Accord. Moreover,
corresponding compliance requirements also arise from security
recommendations and standards such as the NIST security handbook, the
NIST recommended security controls, the ISO 27000 standard family
(formerly ISO 17799), legally binding agreements such as business
contracts, or company-specific (internal) rules/regulations. This
workshop is concerned with the different security aspects of
process-aware information systems - including authentication,
authorization, audit, availability, confidentiality, integrity, and
privacy aspects.
Topics
Suggested topics include, but are not limited to:
- Requirements engineering for security aspects of PAIS
- Modeling-level support for security aspects of PAIS
- Implementation experiences for security aspects of PAIS
- Security aspects of SOA-based PAIS
- Integration of PAIS security aspects in the development process
- Monitoring security aspects of PAIS
- Testing security aspects of PAIS
- Usability aspects of secure PAIS
- Change management for security aspects of PAIS
- Lessons learned and case studies
customized software systems and are constantly gaining attention in
the area of software engineering as well as in the area of information
and system security. A process-aware information system (PAIS) provides
support for the specification, execution, and/or monitoring of intra-
as well as inter-organizational business processes.
In this context, a complete and correct mapping of process definitions
and related security policies to the corresponding software system is
essential in order to assure consistency between the modeling-level
specifications on the one hand, and the software system that actually
manages corresponding process instances and enforces the respective
policies on the other. The demand to ensure that runtime process
instances comply with modeling-level processes and policies becomes
even more pressing with recent laws and regulations such as the
Sarbanes-Oxley Act (SOX), the Health Insurance Portability and
Accountability Act (HIPAA), or the Basel II Accord. Moreover,
corresponding compliance requirements also arise from security
recommendations and standards such as the NIST security handbook, the
NIST recommended security controls, the ISO 27000 standard family
(formerly ISO 17799), legally binding agreements such as business
contracts, or company-specific (internal) rules/regulations. This
workshop is concerned with the different security aspects of
process-aware information systems - including authentication,
authorization, audit, availability, confidentiality, integrity, and
privacy aspects.
Topics
Suggested topics include, but are not limited to:
- Requirements engineering for security aspects of PAIS
- Modeling-level support for security aspects of PAIS
- Implementation experiences for security aspects of PAIS
- Security aspects of SOA-based PAIS
- Integration of PAIS security aspects in the development process
- Monitoring security aspects of PAIS
- Testing security aspects of PAIS
- Usability aspects of secure PAIS
- Change management for security aspects of PAIS
- Lessons learned and case studies
Other CFPs
- TARS 2011 Aquaculture Feeds and Nutrition
- International Workshop on Secure systems methodologies using patterns (SPattern)
- International Workshop on Security and Cognitive Informatics for Homeland Defense (SeCIHD)
- 11th International Symposium on Pervasive Systems, Algorithms, and Networks (I-SPAN 2011)
- 2011 International Workshop on Assistive Engineering and Information Technologies (AEIT2011).
Last modified: 2011-11-16 20:29:46