Logo der Universität Wien

An Analysis and Evaluation of Security Aspects in the Business Process Model and Notation


Enhancing existing business process modeling languages with security concepts has attracted increased attention in research and several graphical notations and symbols have been proposed. How these extensions can be comprehended by users has not been evaluated yet. However, the comprehensibility of security concepts integrated within business process models is of utmost importance for many purposes such as communication, training, and later automation within a process-aware information system. If users do not understand the security concepts, this might lead to restricted acceptance or even misinterpretation and possible security problems in the sequel. In this paper, we evaluate existing security extensions of Business Process Model and Notation (BPMN) as BPMN constitutes the de facto standard in business modeling languages nowadays. The evaluation is conducted along two lines, i.e., a literature study and a survey. The findings of both evaluations identify shortcomings and open questions of existing approaches. This will yield the basis to convey security-related information within business process models in a comprehensible way and consequently, unleash the full effects of security modeling in business processes.

Grafik Top
Grafik Top
Paper in Conference Proceedings or in Workshop Proceedings (Short Paper in Proceedings)
Event Title
8th International Conference on Availability, Reliability and Security (ARES 2013)
Workflow Systems and Technology
Event Location
Regensburg, Germany
Event Type
Event Dates
2-6 September 2013
Page Range
pp. 262-267
Grafik Top
Contact us
Faculty of Computer Science
University of Vienna

Währinger Straße 29
A-1090 Vienna