Title: A survey on automation of security requirements in service-based business processes

Authors: Fernando A.A. Lins; Erica T.G. Sousa; Nelson S. Rosa

Addresses: Department of Statistics and Informatics, Federal Rural University of Pernambuco, Recife, PE, Brazil ' Department of Statistics and Informatics, Federal Rural University of Pernambuco, Recife, PE, Brazil ' Center of Informatics, Federal University of Pernambuco, Recife, PE, Brazil

Abstract: Service-oriented computing (SOC) and business process management (BPM) are essential topics in computer science. Companies are widely adopting business process standards, such as BPMN, to model their business processes, while automatise them by using services from the SOC world. The automation leads to a gain of efficiency in executing business processes and facilitates the execution of tests. However, the automation also raises fundamental security concerns, especially considering that it can use external services available on the internet, e.g., web services. For example, companies are not comfortable to use systems that communicate over the internet without guarantees that secure actions have been adequately used. The main objective of this work is to provide a holistic view of current initiatives and tools to model and enforce security requirements in service-based business processes along with open research and practical challenges on this subject. The intention is that this work can serve as a source of theoretical and pragmatic ideas for those who want to execute their business processes having in mind security concerns.

Keywords: business process management; BPM; service-oriented computing; SOC; security; web services.

DOI: 10.1504/IJWET.2018.092398

International Journal of Web Engineering and Technology, 2018 Vol.13 No.1, pp.3 - 29

Published online: 17 Jun 2018 *

Full-text access for editors Full-text access for subscribers Purchase this article Comment on this article