Enterprise Architecture-Based Risk and Security Modelling and Analysis

Henk Jonkers, Dick Quartel

    Research output: Chapter in Book/Report/Conference proceeding; Conference contribution; Academic; peer-review

    3 Citations (Scopus)

    Abstract

    The growing complexity of organizations and the increasing number of sophisticated cyber attacks ask for a systematic and integral approach to Enterprise Risk and Security Management (ERSM). As enterprise architecture offers the necessary integral perspective, including the business and IT aspects as well as the business motivation, it seems natural to integrate risk and security aspects in the enterprise architecture. In this paper we show how the ArchiMate standard for enterprise architecture modelling can be used to support risk and security modelling and analysis throughout the ERSM cycle, covering both risk assessment and security deployment.
    Original language: English
    Title of host publication: Graphical Models for Security
    Subtitle of host publication: Third International Workshop, GraMSec 2016, Lisbon, Portugal, June 27, 2016, Revised Selected Papers
    Editors: Barbara Kordy, Mathias Ekstedt, Dong Seong Kim
    Place of Publication: Cham
    Publisher: Springer
    Pages: 94-101
    Number of pages: 8
    ISBN (Electronic): 978-3-319-46263-9
    ISBN (Print): 978-3-319-46262-2
    Publication status: Published - 8 Sep 2016
    Event: 3rd International Workshop on Graphical Models for Security, GraMSec 2016 - Lisbon, Portugal
    Duration: 27 Jun 2016 to 27 Jun 2016
    Conference number: 3

    Publication series

    Name: Lecture notes in computer science
    Publisher: Springer Verlag
    Volume: 9987
    ISSN (Print): 0302-9743
    ISSN (Electronic): 1611-3349

    Workshop

    Workshop: 3rd International Workshop on Graphical Models for Security, GraMSec 2016
    Abbreviated title: GraMSec
    Country: Portugal
    City: Lisbon
    Period: 27/06/16 to 27/06/16

    Keywords

    • Enterprise Architecture
    • Risk analysis
    • Risk and security modelling
    • EC Grant Agreement nr.: FP7/318003
    • ArchiMate
    • EWI-27179
    • METIS-318505
    • IR-101091
    • EC Grant Agreement nr.: FP7/2007-2013

    Cite this

    Jonkers, H., & Quartel, D. (2016). Enterprise Architecture-Based Risk and Security Modelling and Analysis. In B. Kordy, M. Ekstedt, & D. Seong Kim (Eds.), Graphical Models for Security: Third International Workshop, GraMSec 2016, Lisbon, Portugal, June 27, 2016, Revised Selected Papers (pp. 94-101). (Lecture notes in computer science; Vol. 9987). Cham: Springer. https://doi.org/10.1007/978-3-319-46263-9_6