A Framework for Systematic Analysis and Modeling of Trustworthiness Requirements Using i* and BPMN | SpringerLink
Skip to main content
Springer Nature Link
Log in

A Framework for Systematic Analysis and Modeling of Trustworthiness Requirements Using i* and BPMN

  • Conference paper
  • First Online:
Trust, Privacy and Security in Digital Business (TrustBus 2016)

Part of the book series: Lecture Notes in Computer Science ((LNSC,volume 9830))

Included in the following conference series:

Abstract

New technologies like cloud computing and new business models bring new capabilities for hosting and offering complex collaborative business operations. However, these advances can also bring undesirable side-effects, e.g., introducing new vulnerabilities and threats caused by collaboration and data exchange over the Internet. Hence, users become more concerned about the trust, e.g., trust in services for critical business processes with sensitive data. Since trust is subjective, trustworthiness requirements for addressing trust concerns are difficult to elicit, especially if there are different parties involved in the business process. In this paper, we propose a user-centered trustworthiness requirement analysis and modeling framework. Using goal models for capturing the users’ trust concerns can motivate design decisions with respect to trustworthiness. We purpose integrating the subjective trust concerns into goal models and embedding them into business process models as objective trustworthiness requirements. This paper addresses the gap in considering trustworthiness requirements during automation (in providing supporting software) of business processes. We demonstrate our approach on an application example from the health-care domain.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution

Subscribe and save

Springer+ Basic
¥17,985 /Month
  • Get 10 units per month
  • Download Article/Chapter or eBook
  • 1 Unit = 1 Article or 1 Chapter
  • Cancel anytime
Subscribe now

Buy Now

Chapter
JPY 3498
Price includes VAT (Japan)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
JPY 4804
Price includes VAT (Japan)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
JPY 6006
Price includes VAT (Japan)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Similar content being viewed by others

Notes

  1. 1.

    http://www.optet.eu/.

References

  1. Avancha, S., Baxi, A., Kotz, D.: Privacy in mobile technology for personal healthcare. ACM Comput. Surv. 45(1), 1–54 (2012)

    Article  Google Scholar 

  2. Cabanillas, C., Knuplesch, D., Resinas, M., Reichert, M., Mendling, J., Ruiz-Cortés, A.: RALph: a graphical notation for resource assignments in business processes. In: Zdravkovic, J., Kirikova, M., Johannesson, P. (eds.) CAiSE 2015. LNCS, vol. 9097, pp. 53–68. Springer, Heidelberg (2015)

    Chapter  Google Scholar 

  3. Di Cerbo, F., Gol Mohammadi, N., Paulus, S.: Evidence-based trustworthiness of internet-based services through controlled software development. In: Cleary, F., et al. (eds.) CSP Forum 2015. CCIS, vol. 530, pp. 91–102. Springer, Heidelberg (2015). doi:10.1007/978-3-319-25360-2_8

    Chapter  Google Scholar 

  4. Mohammadi, N.G., Bandyszak, T., Goldsteen, A., Kalogiros, C., Weyer, T., Moffie, M., Nasser, B.I., Surridge, M.: Combining risk-management and computational approaches for trustworthiness evaluation of socio-technical systems. In: Proceedings of the CAiSE Forum, pp. 237–244 (2015)

    Google Scholar 

  5. Mohammadi, N.G., Bandyszak, T., Kalogiros, C., Kanakakis, M.: A framework for evaluating the end-to-end trustworthiness. In: Proceedings of the 14th IEEE International Conference on Trust, Security and Privacy in Computing and Communications (IEEE TrustCom) (2015)

    Google Scholar 

  6. Mohammadi, N.G., Bandyszak, T., Paulus, S., Meland, P.H., Weyer, T., Pohl, K.: Extending software development methodologies to support trustworthiness-by-design. In: Proceedings of the CAiSE Forum, pp. 213–220 (2015)

    Google Scholar 

  7. Mohammadi, N.G., Heisel, M.: Enhancing business process models with trustworthiness requirements, accepted. In: 10th IFIP WG 11.11 International Conference on Trust Management (2016)

    Google Scholar 

  8. Mohammadi, N.G., Heisel, M.: Patterns for identification of trust concerns and specification of trustworthiness requirements, accepted in the progress of publication (2016)

    Google Scholar 

  9. Mohammadi, N.G., Paulus, S., Bishr, M., Metzger, A., Könnecke, H., Hartenstein, S., Weyer, T., Pohl, K.: Trustworthiness attributes and metrics for engineering trusted internet-based software systems. In: Helfert, M., Desprez, F., Ferguson, D., Leymann, F. (eds.) CLOSER 2013. CCIS, vol. 453, pp. 19–35. Springer, Heidelberg (2014)

    Google Scholar 

  10. Koschmider, A., Yingbo, L., Schuster, T.: Role assignment in business process models. In: Daniel, F., Barkaoui, K., Dustdar, S. (eds.) BPM Workshops 2011, Part I. LNBIP, vol. 99, pp. 37–49. Springer, Heidelberg (2012)

    Chapter  Google Scholar 

  11. Mei, H., Huang, G., Xie, T.: Internetware: a software paradigm for internet computing. Computer 45(6), 26–31 (2012)

    Article  Google Scholar 

  12. Nuseibeh, B.: Weaving together requirements and architectures. Computer 3, 115–119 (2001)

    Article  Google Scholar 

  13. OMG: Business Process Model and Notation (BPMN) version 2.0. Technical report (2011)

    Google Scholar 

  14. Russell, N., van der Aalst, W.M.P., ter Hofstede, A.H.M., Edmond, D.: Workflow resource patterns: identification, representation and tool support. In: Pastor, Ó., Falcão e Cunha, J. (eds.) CAiSE 2005. LNCS, vol. 3520, pp. 216–232. Springer, Heidelberg (2005)

    Chapter  Google Scholar 

  15. Short, S., Kaluvuri, S.P.: A data-centric approach for privacy-aware business process enablement. In: van Sinderen, M., Johnson, P. (eds.) IWEI 2011. LNBIP, vol. 76, pp. 191–203. Springer, Heidelberg (2011)

    Chapter  Google Scholar 

  16. Stepien, B., Felty, A., Matwin, S.: A non-technical user-oriented display notation for XACML conditions. In: Babin, G., Kropf, P., Weiss, M. (eds.) E-Technologies: Innovation in an Open World. LNBIP, vol. 26, pp. 53–64. Springer, Heidelberg (2009)

    Chapter  Google Scholar 

  17. Strembeck, M., Mendling, J.: Modeling process-related RBAC models with extended UML activity models. Inf. Softw. Technol. 53(5), 456–483 (2011)

    Article  Google Scholar 

  18. Stroppi, L.J.R., Chiotti, O., Villarreal, P.D.: Extending BPMN 2.0: method and tool support. In: Dijkman, R., Hofstetter, J., Koehler, J. (eds.) BPMN 2011. LNBIP, vol. 95, pp. 59–73. Springer, Heidelberg (2011)

    Chapter  Google Scholar 

  19. Sztompka, P.: Trust: A Sociological Theory. Cambridge University Press, Cambridge (2000)

    Google Scholar 

  20. van der Aalst, W.M.P., Kumar, A.: A reference model for team-enabled workflow management systems. Data Knowl. Eng. 38(3), 335–363 (2001)

    Article  MATH  Google Scholar 

  21. Wang, M., Bandara, K., Pahl, C.: Process as a service distributed multi-tenant policy-based process runtime governance. In: IEEE International Conference on Services Computing (SCC), pp. 578–585 (2010)

    Google Scholar 

  22. Wolter, C., Menzel, M., Schaad, A., Miseldine, P., Meinel, C.: Model-driven business process security requirement specification. J. Syst. Archit. Spec. Issue Secure SOA 55(4), 211–223 (2009)

    Article  Google Scholar 

  23. Yu, E.S.K.: Towards modelling and reasoning support for early-phase requirements engineering. In: Proceedings of the 3rd IEEE International Symposium on Requirements Engineering, pp. 226–235 (1997)

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Paluno - The Ruhr Institute for Software Technology, University of Duisburg-Essen, Essen, Germany

    Nazila Gol Mohammadi & Maritta Heisel

Authors
  1. Nazila Gol Mohammadi
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Maritta Heisel
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Nazila Gol Mohammadi .

Editor information

Editors and Affiliations

  1. Norwegian University of Science and Technology , Gjøvik, Norway

    Sokratis Katsikas

  2. University of Piraeus , Piraeus, Greece

    Costas Lambrinoudakis

  3. Plymouth University , Plymouth, United Kingdom

    Steven Furnell

Rights and permissions

Reprints and permissions

Copyright information

© 2016 Springer International Publishing Switzerland

About this paper

Cite this paper

Mohammadi, N.G., Heisel, M. (2016). A Framework for Systematic Analysis and Modeling of Trustworthiness Requirements Using i* and BPMN. In: Katsikas, S., Lambrinoudakis, C., Furnell, S. (eds) Trust, Privacy and Security in Digital Business. TrustBus 2016. Lecture Notes in Computer Science(), vol 9830. Springer, Cham. https://doi.org/10.1007/978-3-319-44341-6_1

Download citation

  • DOI: https://doi.org/10.1007/978-3-319-44341-6_1

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-319-44340-9

  • Online ISBN: 978-3-319-44341-6

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics