, J. Heurix:
"Objective Types for the Valuation of Secure Business Processes
Vortrag: 7th IEEE/ACIS International Conference on Computer and Information Science, Portland/Oregon; 14.05.2008 - 16.05.2008; in:"Proceedings of the 7th IEEE/ACIS International Conference on Computer and Information Science
", (2008), ISBN: 978-0-7695-3131-1; S. 231 - 236.
[ Publication Database
In today's business environments, the unimpeded execution of corporate business processes is crucial for a company's success. As business processes are permanently exposed to a variety of threats, companies are increasingly forced to pay attention to security issues. Existing approaches for the evaluation of security measures often neglect the consideration of business needs and multiple objectives. This paper gives an overview of the Atana approach that supports decision makers with the elicitation of security safeguards based on corporate business processes and according to multiple objectives. It introduces different objectives types that are needed for measuring the value of security investments.