Options
2013
Conference Paper
Titel
Ontology-based analysis of compliance and regulatory requirements of business processes
Abstract
Despite its significant potential benefits, the concept of Cloud Computing is still regarded with skepticism in most companies. One of the main obstacle is posed by concerns about the systems' security and compliance issues. Examining system and process models for compliance manually is time-consuming and error-prone, in particular due to the mere extent of potentially relevant sources of security and compliance concerns that have to be considered. This paper proposes techniques to ease these problems by providing support in identifying relevant aspects, as well as suggesting possible methods (from an existing pool of such) to actually check a given model. We developed a two-step approach: At first, we build an ontology to formalize rules from relevant standards, augmented with additional semantic information. This ontology is then utilized in the analysis of an actual model of a system or a business process in order to detect possible compliance obligations.
Author(s)
Project(s)
SecureClouds
SecureClouds