Enterprise Models as Drivers for IT Security Management at Runtime
In this paper, the authors describe how enterprise models can be made suitable for monitoring and controlling IT security at runtime. A holistic modeling method is proposed that extends enterprise models with runtime information, turning them into dashboards for managing security incidents and risks, and supporting decision making at runtime. The requirements of such a modeling method are defined and an existing enterprise modeling language is extended with relevant security concepts that also capture runtime information to satisfy these requirements.
Provided by: University of Dubuque Topic: Security Date Added: Oct 2013 Format: PDF