JISBD2007-05: Especificación de Procesos de Negocio Seguros a través de una extensión de UML 2.0 (JISBD2007-05: Secure Business Processes defined through a UML 2.0 extension)

Alfonso Rodríguez (alfonso@ubiobio.cl)1, Eduardo Fernández-Medina (Eduardo.FdezMedina@uclm.es)2, Mario Piattini (Mario.Piattini@uclm.es)2, Juan Trujillo (jtrujillo@dlsi.ua.es)3

1Universidad del Bio-Bio, Chillán, Chile
2Universidad de Castilla-La Mancha, Ciudad Real, España
3Universidad de Alicante, Alicante, España

This paper appears in: Revista IEEE América Latina

Publication Date: Aug. 2008
Volume: 6,   Issue: 4 
ISSN: 1548-0992

Business Processes (BP) are an important resource in enterprise performance and in maintaining competitiveness. In the last few years, languages used for BP representation have been improved and new notations have appeared. The importance of security in BP is widely accepted. However, the perspective of the business analyst in relation to security has hardly been dealt with. In this paper, we present an extension of the UML 2.0 Activity Diagram which allows us to specify security requirements in BP. We have used UML profile extensibility mechanisms composed of stereotypes, constraints and tagged values. We have also used the OCL to specify the constraints. We apply our proposal in a typical business process related to a patient admission in health-care institution.

Index Terms:
Activity Diagram, Business Process, Object Constraint Language (OCL), Security Requirement, Unified Modeling Language (UML).   

Documents that cite this document
This function is not implemented yet.

[PDF Full-Text (430)]