Hoisl, Bernhard, Strembeck, Mark. 2012. A UML Extension for the Model-driven Specification of Audit Rules. In Proceedings of the 2nd International Workshop on Information Systems Security Engineering (WISSE), Hrsg. M. Bajec and J. Eder, 16-30. Berlin: Springer.


BibTeX

@INPROCEEDINGS{Hoisl2012,
title = {A UML Extension for the Model-driven Specification of Audit Rules},
author = {Bernhard Hoisl and Mark Strembeck},
publisher = {Springer},
year = {2012},
address = {Berlin},
publisher = {Springer},
language = {EN},
pages = {16-30},
series = {Proceedings of the 2nd International Workshop on Information Systems Security Engineering (WISSE)},
abstract = {In recent years, a number of laws and regulations (such as the Basel II accord or SOX) demand that organizations record certain activities or decisions to fulfill legally enforced reporting duties. Most of these regulations have a direct impact on the information systems that support an organization's business processes. Therefore, the definition of audit requirements at the modeling-level is an important prerequisite for the thorough implementation and enforcement of corresponding policies in a software system. In this paper, we present a UML extension for the specification of audit properties. The extension is generic and can be applied to a wide variety of UML elements. In a model-driven development (MDD) approach, our extension can be used to generate corresponding audit rules via model transformations.},
}

Abstract

In recent years, a number of laws and regulations (such as the Basel II accord or SOX) demand that organizations record certain activities or decisions to fulfill legally enforced reporting duties. Most of these regulations have a direct impact on the information systems that support an organization's business processes. Therefore, the definition of audit requirements at the modeling-level is an important prerequisite for the thorough implementation and enforcement of corresponding policies in a software system. In this paper, we present a UML extension for the specification of audit properties. The extension is generic and can be applied to a wide variety of UML elements. In a model-driven development (MDD) approach, our extension can be used to generate corresponding audit rules via model transformations.

Publication's profile

Status of publication Published
Affiliation WU
Type of publication Contribution to conference proceedings
Language English
Title A UML Extension for the Model-driven Specification of Audit Rules
Title of whole publication Proceedings of the 2nd International Workshop on Information Systems Security Engineering (WISSE)
Editor M. Bajec and J. Eder
Page from 16
Page to 30
Location Berlin
Publisher Springer
Year 2012

Associations

Projects
Domain-Specific Languages for Model-Driven Security Engineering
People
Hoisl, Bernhard (Former researcher)
Strembeck, Mark (Details)
Organization
Information Systems and New Media IN (Details)
Research areas (Ă–STAT Classification 'Statistik Austria')
1108 Informatics (Details)
1140 Software engineering (Details)
1147 IT security (Details)
5367 Management information systems (Details)
Google Scholar: Search