Skip to Main content Skip to Navigation
Conference papers

Enhancement of a Business Model with a Business Contextual Risk Model

Zakariya Kamagaté 1, 2, 3, 4 Jacques Simonin 1, 3 Yvon Kermarrec 1
2 Lab-STICC_IMTA_CID_IRIS
Lab-STICC - Laboratoire des sciences et techniques de l'information, de la communication et de la connaissance
3 Lab-STICC_IMTA_CID_DECIDE
Lab-STICC - Laboratoire des sciences et techniques de l'information, de la communication et de la connaissance
Abstract : In this paper, we propose an approach of security risk-driven contextual model for software systems development. The approach is model-driven using enterprise business architecture as the basis for the contextual models definition, associating security risk concerns. Enterprise Architecture (EA) enables the description of an organisation’s structure, its business and its underlying Information System. By using a Model-Driven Engineering (MDE) approach such as Model-Driven Architecture (MDA), we define an architecture for models, and we provide a set of guidelines for structuring specifications expressed as (EA) contextual models. Then these models are enhanced to integrate security aspects in the overall development process. The proposal aims to analyse enterprise security from a business-oriented view and define security requirements inherited by the lower architectures, particularly IS architecture. The approach provides a meta-model of business contextual risk with a security management process, consisting on a systematic method, guiding to risk modelling and risk treatment strategies.
Complete list of metadata

https://hal-imt-atlantique.archives-ouvertes.fr/hal-03141542
Contributor : Jacques Simonin Connect in order to contact the contributor
Submitted on : Monday, May 17, 2021 - 4:33:44 PM
Last modification on : Monday, October 11, 2021 - 2:23:58 PM
Long-term archiving on: : Wednesday, August 18, 2021 - 6:55:00 PM

File

CRISIS2020-018_v1Enhancement o...
Files produced by the author(s)

Identifiers

`

Citation

Zakariya Kamagaté, Jacques Simonin, Yvon Kermarrec. Enhancement of a Business Model with a Business Contextual Risk Model. International Conference on Risks and Security of Internet and Systems, Nov 2020, Paris, France. pp.325-334, ⟨10.1007/978-3-030-68887-5_20⟩. ⟨hal-03141542⟩

Share

Metrics

Record views

142

Files downloads

24