Integrating Security Risk Management into Business Process Management for the Cloud

Elio Goettelmann 1, 2 Nicolas Mayer 2 Claude Godart 1
1 SCORE - Services and Cooperation
Inria Nancy - Grand Est, LORIA - NSS - Department of Networks, Systems and Services
Abstract : Security issues are still preventing wider adoption of cloud computing, especially for businesses which are handling sensitive information. Indeed, by outsourcing its information system (IS), a company can lose control over its infrastructure, its software or even its data. Therefore, new methods and tools need to be defined to respond to this challenge. In this paper we propose to integrate Security Risk Management approaches into Business Process Management to effectively treat security issues at the early phases of the Information System construction. We focus on cloud brokers, emerging actors of the cloud delivery model, who enhance and aggregate existing cloud services to match them with their cloud consumers' requirements. Our main goal is to provide them with tools and techniques to increase the global security level of an IS through different risk treatment strategies.
Document type :
Conference papers
Complete list of metadatas

Cited literature [15 references]  Display  Hide  Download

https://hal.inria.fr/hal-01095868
Contributor : Elio Goettelmann <>
Submitted on : Tuesday, December 16, 2014 - 1:54:48 PM
Last modification on : Tuesday, December 18, 2018 - 4:26:02 PM
Long-term archiving on : Monday, March 23, 2015 - 2:00:41 PM

File

CBI2014.pdf
Files produced by the author(s)

Identifiers

Collections

Citation

Elio Goettelmann, Nicolas Mayer, Claude Godart. Integrating Security Risk Management into Business Process Management for the Cloud. CBI 2014 (IEEE 16th Conference on Business Informatics), Jul 2014, Genève, Switzerland. pp.86 - 93, ⟨10.1109/CBI.2014.29⟩. ⟨hal-01095868⟩

Share

Metrics

Record views

260

Files downloads

541