IDEAS home Printed from https://ideas.repec.org/a/spr/binfse/v60y2018i1d10.1007_s12599-018-0518-4.html
   My bibliography  Save this article

Security Requirements Elicitation from Airline Turnaround Processes

Author

Listed:
  • Raimundas Matulevičius

    (University of Tartu)

  • Alex Norta

    (Tallinn University of Technology)

  • Silver Samarütel

    (University of Tartu)

Abstract

Security risk management is an important part of system development. Given that a majority of modern organizations rely heavily on information systems, security plays a big part in ensuring smooth operations of business processes. For example, many people rely on e-services offered by banks and medical establishments. Inadequate security measures in information systems have unwanted effects on an organization’s reputation and on people’s lives. This case study paper targets the secure system development problem by suggesting the application of security requirements elicitation from business processes (SREBP). This approach provides business analysts with means to elicit and introduce security requirements to business processes through the application of the security risk-oriented patterns (SRPs). These patterns help find security risk occurrences in business processes and present mitigations for these risks. At the same time, they reduce the efforts needed for risk analysis. In this paper, the authors report their experience to derive security requirements for mitigating security risks in the distributed airline turnaround systems.

Suggested Citation

  • Raimundas Matulevičius & Alex Norta & Silver Samarütel, 2018. "Security Requirements Elicitation from Airline Turnaround Processes," Business & Information Systems Engineering: The International Journal of WIRTSCHAFTSINFORMATIK, Springer;Gesellschaft für Informatik e.V. (GI), vol. 60(1), pages 3-20, February.
  • Handle: RePEc:spr:binfse:v:60:y:2018:i:1:d:10.1007_s12599-018-0518-4
    DOI: 10.1007/s12599-018-0518-4
    as

    Download full text from publisher

    File URL: http://link.springer.com/10.1007/s12599-018-0518-4
    File Function: Abstract
    Download Restriction: Access to the full text of the articles in this series is restricted.

    File URL: https://libkey.io/10.1007/s12599-018-0518-4?utm_source=ideas
    LibKey link: if access is restricted and if your library uses this service, LibKey will redirect you to where you can use your library subscription to access this item
    ---><---

    As the access to this document is restricted, you may want to search for a different version of it.

    References listed on IDEAS

    as
    1. Olga Altuhhov & Raimundas Matulevičius & Naved Ahmed, 2013. "An Extension of Business Process Model and Notation for Security Risk Management," International Journal of Information System Modeling and Design (IJISMD), IGI Global, vol. 4(4), pages 93-113, October.
    Full references (including those not matched with items on IDEAS)

    Citations

    Citations are extracted by the CitEc Project, subscribe to its RSS feed for this item.
    as


    Cited by:

    1. Raphael Lissillour & Jean Michel Sahut, 2023. "Uses of Information Systems to Develop Trust in Family Firms," Business & Information Systems Engineering: The International Journal of WIRTSCHAFTSINFORMATIK, Springer;Gesellschaft für Informatik e.V. (GI), vol. 65(2), pages 127-141, April.

    Most related items

    These are the items that most often cite the same works as this one and are cited by the same works as this one.
    1. Rafika Thabet & Dominik Bork & Amine Boufaied & Elyes Lamine & Ouajdi Korbaa & Hervé Pingaud, 2021. "Risk-aware business process management using multi-view modeling: method and tool," Post-Print hal-03202277, HAL.

    Corrections

    All material on this site has been provided by the respective publishers and authors. You can help correct errors and omissions. When requesting a correction, please mention this item's handle: RePEc:spr:binfse:v:60:y:2018:i:1:d:10.1007_s12599-018-0518-4. See general information about how to correct material in RePEc.

    If you have authored this item and are not yet registered with RePEc, we encourage you to do it here. This allows to link your profile to this item. It also allows you to accept potential citations to this item that we are uncertain about.

    If CitEc recognized a bibliographic reference but did not link an item in RePEc to it, you can help with this form .

    If you know of missing items citing this one, you can help us creating those links by adding the relevant references in the same way as above, for each refering item. If you are a registered author of this item, you may also want to check the "citations" tab in your RePEc Author Service profile, as there may be some citations waiting for confirmation.

    For technical questions regarding this item, or to correct its authors, title, abstract, bibliographic or download information, contact: Sonal Shukla or Springer Nature Abstracting and Indexing (email available below). General contact details of provider: http://www.springer.com .

    Please note that corrections may take a couple of weeks to filter through the various RePEc services.

    IDEAS is a RePEc service. RePEc uses bibliographic data supplied by the respective publishers.