{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,3,16]],"date-time":"2026-03-16T22:46:52Z","timestamp":1773701212780,"version":"3.50.1"},"publisher-location":"Cham","reference-count":26,"publisher":"Springer International Publishing","isbn-type":[{"value":"9783319192697","type":"print"},{"value":"9783319192703","type":"electronic"}],"license":[{"start":{"date-parts":[[2015,1,1]],"date-time":"2015-01-01T00:00:00Z","timestamp":1420070400000},"content-version":"tdm","delay-in-days":0,"URL":"http:\/\/www.springer.com\/tdm"},{"start":{"date-parts":[[2015,1,1]],"date-time":"2015-01-01T00:00:00Z","timestamp":1420070400000},"content-version":"vor","delay-in-days":0,"URL":"http:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2015]]},"DOI":"10.1007\/978-3-319-19270-3_2","type":"book-chapter","created":{"date-parts":[[2015,5,27]],"date-time":"2015-05-27T14:57:19Z","timestamp":1432738639000},"page":"20-35","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":9,"title":["Presentation and Validation of Method for Security Requirements Elicitation from Business Processes"],"prefix":"10.1007","author":[{"given":"Naved","family":"Ahmed","sequence":"first","affiliation":[]},{"given":"Raimundas","family":"Matulevi\u010dius","sequence":"additional","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2015,5,28]]},"reference":[{"key":"2_CR1","unstructured":"Ahmed, N., Matulevi\u010dius, R.: A method for eliciting security requirements from the business process models. In: CAiSE Forum and Doctoral Consortium 2014, 57\u201364 (2014)"},{"issue":"4","key":"2_CR2","doi-asserted-by":"crossref","first-page":"723","DOI":"10.1016\/j.csi.2013.12.007","volume":"36","author":"N Ahmed","year":"2014","unstructured":"Ahmed, N., Matulevi\u010dius, R.: Securing business processes using security risk-oriented patterns. Comput. Stan. Interfaces 36(4), 723\u2013733 (2014)","journal-title":"Comput. Stan. Interfaces"},{"key":"2_CR3","doi-asserted-by":"crossref","unstructured":"Apostolopoulos, G., Peris, V., Saha, D.: Transport layer security: how much does it really cost? In: Proceedings IEEE INFOCOM 1999 The Conference on Computer Communications, vol. 2, pp. 717\u2013725 (1999)","DOI":"10.1109\/INFCOM.1999.751458"},{"key":"2_CR4","doi-asserted-by":"publisher","first-page":"213","DOI":"10.1007\/978-0-387-48533-1_9","volume-title":"Handbook of Database Security","author":"V Atluri","year":"2008","unstructured":"Atluri, V., Warner, J.: Security for workflow systems. In: Gertz, M., Jajodia, S. (eds.) Handbook of Database Security, pp. 213\u2013230. Springer, US (2008)"},{"issue":"10","key":"2_CR5","doi-asserted-by":"crossref","first-page":"42","DOI":"10.1109\/MCOM.2002.1039856","volume":"40","author":"R Chang","year":"2002","unstructured":"Chang, R.: Defending against flooding-based distributed denial-of-service attacks: a tutorial. Commun. Magazine, IEEE 40(10), 42\u201351 (2002)","journal-title":"Commun. Magazine, IEEE"},{"key":"2_CR6","volume-title":"SQL Injection Attacks and Defense","author":"J Clarke","year":"2012","unstructured":"Clarke, J., Fowler, K., Oftedal, E., Alvarez, R.M., Hartley, D., Kornbrust, A., O\u2019Leary-Steele, G., Revelli, A., Siddharth, S., Slaviero, M.: SQL Injection Attacks and Defense, 2nd edn. Syngress Publishing, Burlington (2012)","edition":"2"},{"key":"2_CR7","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"375","DOI":"10.1007\/978-3-540-75563-0_26","volume-title":"Conceptual Modeling - ER 2007","author":"G Elahi","year":"2007","unstructured":"Elahi, G., Yu, E.: A goal oriented approach for modeling and analyzing security trade-offs. In: Parent, C., Schewe, K.-D., Storey, V.C., Thalheim, B. (eds.) ER 2007. LNCS, vol. 4801, pp. 375\u2013390. Springer, Heidelberg (2007)"},{"issue":"1","key":"2_CR8","doi-asserted-by":"crossref","first-page":"7","DOI":"10.1007\/s00766-009-0092-x","volume":"15","author":"B Fabian","year":"2010","unstructured":"Fabian, B., G\u00fcrses, S., Heisel, M., Santen, T., Schmidt, H.: A comparison of security requirements engineering methods. Requirements Eng. 15(1), 7\u201340 (2010)","journal-title":"Requirements Eng."},{"issue":"1","key":"2_CR9","doi-asserted-by":"crossref","first-page":"53","DOI":"10.5381\/jot.2003.2.1.c6","volume":"2","author":"DG Firesmith","year":"2003","unstructured":"Firesmith, D.G.: Engineering security requirements. J. Object Technol. 2(1), 53\u201368 (2003)","journal-title":"J. Object Technol."},{"issue":"3\u20134","key":"2_CR10","doi-asserted-by":"publisher","first-page":"305","DOI":"10.1007\/s10660-006-8677-7","volume":"6","author":"P Herrmann","year":"2006","unstructured":"Herrmann, P., Herrmann, G.: Security requirement analysis of business processes. Electronic Commerce Research 6(3\u20134), 305\u2013335 (2006)","journal-title":"Electronic Commerce Research"},{"issue":"11","key":"2_CR11","doi-asserted-by":"crossref","first-page":"1884","DOI":"10.1016\/j.infsof.2013.05.001","volume":"55","author":"W Hummer","year":"2013","unstructured":"Hummer, W., Gaubatz, P., Strembeck, M., Zdun, U., Dustdar, S.: Enforcement of entailment constraints in distributed service-based business processes. Inf. Softw. Technol. 55(11), 1884\u20131903 (2013)","journal-title":"Inf. Softw. Technol."},{"key":"2_CR12","first-page":"196","volume-title":"Software System Reliability and Security","author":"A van Lamsweerde","year":"2007","unstructured":"van Lamsweerde, A.: Engineering requirements for system reliability and security. In: Broy, M., Grunbauer, J., Hoare, C.A.R. (eds.) Software System Reliability and Security, vol. 9, pp. 196\u2013238. IOS Press, Amsterdam (2007)"},{"key":"2_CR13","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"426","DOI":"10.1007\/3-540-45800-X_33","volume-title":"\u00abUML\u00bb 2002 - The Unified Modeling Language. Model Engineering, Concepts, and Tools","author":"T Lodderstedt","year":"2002","unstructured":"Lodderstedt, T., Basin, D., Doser, J.: SecureUML: a UML-based modeling language for model-driven security. In: J\u00e9z\u00e9quel, J.-M., Hussmann, H., Cook, S. (eds.) UML 2002. LNCS, vol. 2460, pp. 426\u2013441. Springer, Heidelberg (2002)"},{"key":"2_CR14","first-page":"44","volume-title":"Integrating Security and Software Engineering","author":"N Mead","year":"2006","unstructured":"Mead, N.: identifying security requirements using the security quality requirements engineering (SQUARE) method. In: Mouratidis, H., Giorgini, P. (eds.) Integrating Security and Software Engineering, pp. 44\u201369. Idea Publishing Group, Hershey (2006)"},{"key":"2_CR15","doi-asserted-by":"crossref","unstructured":"Menzel, M., Thomas, I., Meinel, C.: Security requirements specification in service-oriented business process management. In: ARES, pp. 41\u201348 (2009)","DOI":"10.1109\/ARES.2009.90"},{"issue":"02","key":"2_CR16","doi-asserted-by":"crossref","first-page":"285","DOI":"10.1142\/S0218194007003240","volume":"17","author":"H Mouratidis","year":"2007","unstructured":"Mouratidis, H., Giorgini, P.: Secure tropos: a security-oriented extension of the tropos methodology. Int. J. Soft. Eng. Knowl. Eng. 17(02), 285\u2013309 (2007)","journal-title":"Int. J. Soft. Eng. Knowl. Eng."},{"key":"2_CR17","doi-asserted-by":"crossref","unstructured":"M\u00fcllle, J., von Stackelberg, S., Bohm, K.: Modelling and transforming security constraints in privacy-aware business processes. In: SOCA, pp. 1\u20134 (2011)","DOI":"10.1109\/SOCA.2011.6166257"},{"key":"2_CR18","volume-title":"Implementing Database Security and Auditing: Includes Examples for Oracle, SQL Server, DB2 UDB Sybase.","author":"RB Natan","year":"2005","unstructured":"Natan, R.B.: Implementing Database Security and Auditing: Includes Examples for Oracle, SQL Server, DB2 UDB Sybase. Digital Press, Newton (2005)"},{"issue":"1","key":"2_CR19","doi-asserted-by":"crossref","first-page":"128","DOI":"10.1145\/984334.984339","volume":"7","author":"J Park","year":"2004","unstructured":"Park, J., Sandhu, R.: The UCON-ABC usage control model. ACM Trans. Inf. Syst. Secur. 7(1), 128\u2013174 (2004)","journal-title":"ACM Trans. Inf. Syst. Secur."},{"key":"2_CR20","unstructured":"Pavlovski, C.J., Zou, J.: Non-functional requirements in business process modeling. In: APCCM, pp. 103\u2013112. Australian Computer Society, Inc. (2008)"},{"key":"2_CR21","volume-title":"RealWorld Research - A Resource for Social Scientists and Practitioners-Researchers","author":"C Robson","year":"2002","unstructured":"Robson, C.: RealWorld Research - A Resource for Social Scientists and Practitioners-Researchers. Blackwell Publishing, Oxford (2002)"},{"issue":"4","key":"2_CR22","first-page":"745","volume":"E90\u2013D","author":"A Rodr\u00edguez","year":"2007","unstructured":"Rodr\u00edguez, A., Fern\u00e1ndez, M.E., Piattini, M.: A BPMN extension for the modeling of security requirements in business processes. IEICE-TIS E90\u2013D(4), 745\u2013752 (2007)","journal-title":"IEICE-TIS"},{"issue":"1\u20132","key":"2_CR23","doi-asserted-by":"crossref","first-page":"59","DOI":"10.1023\/B:ELEC.0000009282.06809.c5","volume":"4","author":"S R\u00f6hrig","year":"2004","unstructured":"R\u00f6hrig, S., Knorr, K.: Security analysis of electronic business processes. Electron. Commer. Res. 4(1\u20132), 59\u201381 (2004)","journal-title":"Electron. Commer. Res."},{"key":"2_CR24","volume-title":"Security Patterns: Integrating Security and Systems Engineering","author":"M Schumacher","year":"2006","unstructured":"Schumacher, M., Fernandez, E.B., Hybertson, D., Buschmann, F., Sommerlad, P.: Security Patterns: Integrating Security and Systems Engineering. Wiley, New York (2006)"},{"issue":"1","key":"2_CR25","doi-asserted-by":"crossref","first-page":"34","DOI":"10.1007\/s00766-004-0194-4","volume":"10","author":"G Sindre","year":"2005","unstructured":"Sindre, G., Opdahl, A.L.: Eliciting Security Requirements with Misuse Cases. Requirements Eng. 10(1), 34\u201344 (2005)","journal-title":"Requirements Eng."},{"issue":"4","key":"2_CR26","first-page":"211","volume":"55","author":"C Wolter","year":"2009","unstructured":"Wolter, C., Menzel, M., Schaad, A., Miseldine, P., Meinel, C.: Model-driven business process security requirement specification. JSA. 55(4), 211\u2013223 (2009)","journal-title":"JSA."}],"container-title":["Lecture Notes in Business Information Processing","Information Systems Engineering in Complex Environments"],"original-title":[],"language":"en","link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-319-19270-3_2","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,5,28]],"date-time":"2025-05-28T03:39:16Z","timestamp":1748403556000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/978-3-319-19270-3_2"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2015]]},"ISBN":["9783319192697","9783319192703"],"references-count":26,"URL":"https:\/\/doi.org\/10.1007\/978-3-319-19270-3_2","relation":{},"ISSN":["1865-1348","1865-1356"],"issn-type":[{"value":"1865-1348","type":"print"},{"value":"1865-1356","type":"electronic"}],"subject":[],"published":{"date-parts":[[2015]]},"assertion":[{"value":"28 May 2015","order":1,"name":"first_online","label":"First Online","group":{"name":"ChapterHistory","label":"Chapter History"}},{"value":"This content has been made available to all.","name":"free","label":"Free to read"}]}}