Challenges in Aligning Enterprise Application Architectures to Business Process Access Control Requirements in Evolutional Changes
Roman Pilipchuk, Stephan Seifermann, Robert Heinrich, Ralf Reussner
2021
Abstract
Business processes define requirements for software systems that support business goals. Enterprise Application Architectures (EAAs) organize the structure and behavior of the required software systems. Satisfying requirements regarding the confidentiality of information that originate from the business process design is crucial to fulfill legal obligations and corporate policies. Violating these obligations and policies can lead to high fines and lost assets. There is a gap in modeling confidentiality requirements holistically across business processes and EAAs (Alpers et al., 2019). Hence, aligning EAAs with business processes by identifying violated business access control requirements (ACRs) during the architectural design phase is vital. Thereto, three challenges need to be overcome: i) define the meaning of read and write from ACRs for EAAs, ii) identify relevant parts of the EAA affected by ACRs and iii) define rules to cope with data type refinement. In this paper, we present the challenges, solutions to them and our scientific findings that we made during the development of AcsALign, which is an approach to align the EAAs to ACRs of business processes in the early design phase and evolution scenarios using the established modeling languages Business Process Model and Notation (BPMN) and Palladio Component Model (PCM). We apply our solutions in a real-world case study. Evaluation results show satisfying accuracy of the requirements extraction and architectural alignment.
DownloadPaper Citation
in Harvard Style
Pilipchuk R., Seifermann S., Heinrich R. and Reussner R. (2021). Challenges in Aligning Enterprise Application Architectures to Business Process Access Control Requirements in Evolutional Changes. In Proceedings of the 18th International Conference on e-Business - Volume 1: ICE-B, ISBN 978-989-758-527-2, pages 13-24. DOI: 10.5220/0010511800130024
in Bibtex Style
@conference{ice-b21,
author={Roman Pilipchuk and Stephan Seifermann and Robert Heinrich and Ralf Reussner},
title={Challenges in Aligning Enterprise Application Architectures to Business Process Access Control Requirements in Evolutional Changes},
booktitle={Proceedings of the 18th International Conference on e-Business - Volume 1: ICE-B,},
year={2021},
pages={13-24},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0010511800130024},
isbn={978-989-758-527-2},
}
in EndNote Style
TY - CONF
JO - Proceedings of the 18th International Conference on e-Business - Volume 1: ICE-B,
TI - Challenges in Aligning Enterprise Application Architectures to Business Process Access Control Requirements in Evolutional Changes
SN - 978-989-758-527-2
AU - Pilipchuk R.
AU - Seifermann S.
AU - Heinrich R.
AU - Reussner R.
PY - 2021
SP - 13
EP - 24
DO - 10.5220/0010511800130024