Results 1 -
8 of
8
Towards a Framework for Semantic Business Process Compliance Management
"... Abstract. Processes count to the most important assets of companies. Ensuring the compliance of processes to legal regulations, governance guidelines, and strategic business requirements is a sine qua non condition to controlling business behavior. Implementing business process compliance requires m ..."
Abstract
-
Cited by 11 (1 self)
- Add to MetaCart
(Show Context)
Abstract. Processes count to the most important assets of companies. Ensuring the compliance of processes to legal regulations, governance guidelines, and strategic business requirements is a sine qua non condition to controlling business behavior. Implementing business process compliance requires means for modeling and enforcing compliance measures. In this work, we motivate the need for automation in compliance management and introduce the role of policies. We then distinguish eight requirements for a compliance management framework. We also discuss different ways of conducting compliance checking. Finally, we propose a policy-based framework for business process compliance management. We eventually proceed to a discussion of the soundness and practicability of our approach, followed by an investigation of the main challenges ahead of our approach to policy-based semantic business process compliance management.
Business process data compliance
- In RuleML 2012, LNCS 7438
, 2012
"... Abstract. Most approaches to business process compliance are restricted to the analysis of the structure of processes. It has been argued that full regulatory compliance requires information on not only the structure of processes but also on what the tasks in a process do. To this end Governatori an ..."
Abstract
-
Cited by 5 (4 self)
- Add to MetaCart
Abstract. Most approaches to business process compliance are restricted to the analysis of the structure of processes. It has been argued that full regulatory compliance requires information on not only the structure of processes but also on what the tasks in a process do. To this end Governatori and Saqid [2007] proposed to extend business processes with semantic annotations. We propose a methodology to automatically extract one kind of such annotations; in particular the annotations related to the data schema and templates linked to the various tasks in a business process.
Modeling and verifying security policies in business processes
- In Proc. of BPMDS’14
"... Abstract. Modern information systems are large-sized and comprise multiple heterogeneous and autonomous components. Autonomy enables decentralization, but it also implies that components providers are free to change, retire, or intro-duce new components. This is a threat to security, and calls for a ..."
Abstract
-
Cited by 5 (3 self)
- Add to MetaCart
(Show Context)
Abstract. Modern information systems are large-sized and comprise multiple heterogeneous and autonomous components. Autonomy enables decentralization, but it also implies that components providers are free to change, retire, or intro-duce new components. This is a threat to security, and calls for a continuous veri-fication process to ensure compliance with security policies. Existing verification frameworks either have limited expressiveness—thereby inhibiting the specifi-cation of real-world requirements—, or rely on formal languages that are hardly employable for modeling and verifying large systems. In this paper, we overcome the limitations of existing approaches by proposing a framework that enables: (1) specifying information systems in SecBPMN, a security-oriented extension of BPMN; (2) expressing security policies through SecBPMN-Q, a query lan-guage for representing security policies; and (3) verifying SecBPMN-Q against SecBPMN specifications via an implemented query engine. We report on the ap-plicability of our approach via a case study about air traffic management.
Towards Policy-Powered Semantic Enterprise Compliance Management
- In 3rd International Workshop on Semantic Business Process Management
, 2008
"... Abstract. An essential but difficult task to achieve in distributed enterprise systems is the management and enforcement of regulations and policies. We explore and discuss ideas for the implementation of enterprise wide compliance management. We propose an approach that builds on policies to realiz ..."
Abstract
-
Cited by 2 (1 self)
- Add to MetaCart
(Show Context)
Abstract. An essential but difficult task to achieve in distributed enterprise systems is the management and enforcement of regulations and policies. We explore and discuss ideas for the implementation of enterprise wide compliance management. We propose an approach that builds on policies to realize compliance checking on semantic descriptions of enterprise models. This paper is meant to initiate a discussion about the pro and contra of our approach.
Checking Compliance in European Tender Documents through Ontologies and
"... Abstract. In this paper we present an overview of the PhD thesis, which aims to show the feasibility of a legal knowledge modeling based on the definitions included into legal texts using Semantic Web techniques in order to check compliance of tender documents to EU Directives. We show a hybrid appr ..."
Abstract
- Add to MetaCart
(Show Context)
Abstract. In this paper we present an overview of the PhD thesis, which aims to show the feasibility of a legal knowledge modeling based on the definitions included into legal texts using Semantic Web techniques in order to check compliance of tender documents to EU Directives. We show a hybrid approach, i.e. a theory and a system that combine the use of Akoma-Ntoso standard to describe legal texts, OWL 2.0 for modeling legal concepts and the emerging LegalRuleML standard for providing a rule-based extension of legal knowledge representation on the top of ontologies. 1
Requirements for the Service Process Lifecycle
"... Abstract: Services are an increasingly important part of modern economies. They are provided by service processes that are an important subtype of business processes. Therefore, the life cycle used for business processes may also be applied to service processes. However, the properties of service pr ..."
Abstract
- Add to MetaCart
(Show Context)
Abstract: Services are an increasingly important part of modern economies. They are provided by service processes that are an important subtype of business processes. Therefore, the life cycle used for business processes may also be applied to service processes. However, the properties of service processes and the services provided require to extend the lifecycle of service processes. Therefore, the properties of service processes and services are analyzed and the resulting requirements for the process lifecycle identified.
A Semantic Framework for Compliance Management in Business Process Management
"... In process-centric enterprises, business processes (BPs) are atthe center of value-creating activities. Governing enterprise BPs requires the ability to control and guide BP behavior. Ensuring compliance of processes to legal regulations and strategy directives becomes acritical requirement. Impleme ..."
Abstract
- Add to MetaCart
In process-centric enterprises, business processes (BPs) are atthe center of value-creating activities. Governing enterprise BPs requires the ability to control and guide BP behavior. Ensuring compliance of processes to legal regulations and strategy directives becomes acritical requirement. Implementing business process compliance makes means for modeling and enforcing compliance measures necessary. In this work, we motivate the need for automation and semantic consistency incompliance management and defend the use of policies for this purpose. We then propose a policy-based framework for business process compliance management and further detail its architecture as part of the SUPER research project on semantic business process management (SBPM). Finally, we introducethe ontology stack we proposefor compliance modeling and conclude by an investigation of the main challenges ahead in order to provide an implementation of the proposed framework. This work seeks tolay down the fundaments of a comprehensive architecture for semantic compliance modeling and enforcement inthe context of BPM.
Noname manuscript No. (will be inserted by the editor) Designing Secure Business Processes with SecBPMN
"... Abstract Modern information systems are increasingly large and consist of an interplay of technical components and social actors (humans and organi-zations). Such interplay threatens the security of the overall system, and calls for verification techniques that enable determining compliance with sec ..."
Abstract
- Add to MetaCart
(Show Context)
Abstract Modern information systems are increasingly large and consist of an interplay of technical components and social actors (humans and organi-zations). Such interplay threatens the security of the overall system, and calls for verification techniques that enable determining compliance with security policies. Existing verification frameworks either have a limited expressiveness that inhibits the specification of real-world requirements, or rely on formal lan-guages that are difficult to use for most analysts. In this paper, we overcome the limitations of existing approaches by presenting the SecBPMN framework. Our proposal includes: (1) the SecBPMN-ml modeling language, a security-oriented extension of BPMN for specifying composite information systems; (2)
