N. Ahmed and R. Matulevicius, A taxonomy for assessing security in business process modelling, IEEE 7th International Conference on Research Challenges in Information Science (RCIS), pp.1-10, 2013.
DOI : 10.1109/RCIS.2013.6577700

O. Altuhhova, R. Matulevicius, and N. Ahmed, Towards Definition of Secure Business Processes, CAiSE Workshops, pp.1-15, 2012.
DOI : 10.1007/978-3-642-31069-0_1

. Cloud-security-alliance, Cloud Control Matrix / Security, Trust & Assurance Registry / Consensus Assessments Initiative Questionnaire

R. Conforti, M. De-leoni, M. L. Rosa, and W. M. Van-der-aalst, Supporting Risk-Informed Decisions during Business Process Execution, CAiSE'13, pp.116-132, 2013.
DOI : 10.1007/978-3-642-38709-8_8

A. Dreiling, M. Rosemann, and W. M. Van-der-aalst, From conceptual process models to running workflows : a holistic approach for the configuration of enterprise systems, PACIS'05, pp.363-376, 2005.

E. Goettelmann, W. Fdhila, and C. Godart, Partitioning and Cloud Deployment of Composite Web Services under Security Constraints, 2013 IEEE International Conference on Cloud Engineering (IC2E), 2013.
DOI : 10.1109/IC2E.2013.22

URL : https://hal.archives-ouvertes.fr/hal-00922186

E. Goettelmann, N. Mayer, and C. Godart, A general approach for a trusted deployment of a business process in clouds, Proceedings of the Fifth International Conference on Management of Emergent Digital EcoSystems, MEDES '13, 2013.
DOI : 10.1145/2536146.2536164

URL : https://hal.archives-ouvertes.fr/hal-00922189

M. Jensen, J. Schwenk, J. Bohli, N. Gruschka, and L. Iacono, Security Prospects through Cloud Computing by Adopting Multiple Clouds, 2011 IEEE 4th International Conference on Cloud Computing, pp.565-572, 2011.
DOI : 10.1109/CLOUD.2011.85

S. T. March and G. F. Smith, Design and natural science research on information technology, Decision Support Systems, vol.15, issue.4, pp.251-266, 1995.
DOI : 10.1016/0167-9236(94)00041-2

N. Mayer, Model-based Management of Information System Security Risk, 2009.
URL : https://hal.archives-ouvertes.fr/tel-00402996

C. Monsalve, A. April, and A. Abran, Requirements elicitation using bpm notations: Focusing on the strategic level representation, ACA- COS, issue.11, pp.235-241, 2011.

G. Münzl, B. Przywra, M. Reti, J. Schäfer, K. Sondermann et al., Cloud computing -evolution in der technik, revolution im business, 2009.

A. Narayanan and V. Shmatikov, Myths and fallacies of "personally identifiable information", Communications of the ACM, vol.53, issue.6, pp.24-26, 2010.
DOI : 10.1145/1743546.1743558

P. Watson, A multi-level security model for partitioning workflows over federated clouds, CloudCom, pp.180-188, 2011.
DOI : 10.1007/3-540-45848-4_57

M. Weske, Business Process Management -Concepts, Languages, Architectures, 2012.