{"id":"https://openalex.org/W2046474200","doi":"https://doi.org/10.4018/jsse.2013040101","title":"Threat Representation Methods for Composite Service Process Models","display_name":"Threat Representation Methods for Composite Service Process Models","publication_year":2013,"publication_date":"2013-04-01","ids":{"openalex":"https://openalex.org/W2046474200","doi":"https://doi.org/10.4018/jsse.2013040101","mag":"2046474200"},"language":"en","primary_location":{"id":"doi:10.4018/jsse.2013040101","is_oa":false,"landing_page_url":"https://doi.org/10.4018/jsse.2013040101","pdf_url":null,"source":{"id":"https://openalex.org/S43656255","display_name":"International Journal of Secure Software Engineering","issn_l":"1947-3036","issn":["1947-3036","1947-3044"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310320424","host_organization_name":"IGI Global","host_organization_lineage":["https://openalex.org/P4310320424"],"host_organization_lineage_names":["IGI Global"],"type":"journal"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"International Journal of Secure Software Engineering","raw_type":"journal-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5028218902","display_name":"Per H\u00e5kon Meland","orcid":"https://orcid.org/0000-0002-5509-0184"},"institutions":[{"id":"https://openalex.org/I173888879","display_name":"SINTEF","ror":"https://ror.org/01f677e56","country_code":"NO","type":"facility","lineage":["https://openalex.org/I173888879"]}],"countries":["NO"],"is_corresponding":true,"raw_author_name":"Per H\u00e5kon Meland","raw_affiliation_strings":["Software Engineering, Safety and Security, SINTEF ICT, Trondheim, Norway"],"affiliations":[{"raw_affiliation_string":"Software Engineering, Safety and Security, SINTEF ICT, Trondheim, Norway","institution_ids":["https://openalex.org/I173888879"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5062661168","display_name":"Erlend Andreas Gj\u00e6re","orcid":null},"institutions":[{"id":"https://openalex.org/I173888879","display_name":"SINTEF","ror":"https://ror.org/01f677e56","country_code":"NO","type":"facility","lineage":["https://openalex.org/I173888879"]}],"countries":["NO"],"is_corresponding":false,"raw_author_name":"Erlend Andreas Gj\u00e6re","raw_affiliation_strings":["Software Engineering, Safety and Security, SINTEF ICT, Trondheim, Norway"],"affiliations":[{"raw_affiliation_string":"Software Engineering, Safety and Security, SINTEF ICT, Trondheim, Norway","institution_ids":["https://openalex.org/I173888879"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":2,"corresponding_author_ids":["https://openalex.org/A5028218902"],"corresponding_institution_ids":["https://openalex.org/I173888879"],"apc_list":null,"apc_paid":null,"fwci":0.81722166,"has_fulltext":false,"cited_by_count":1,"citation_normalized_percentile":{"value":0.82568816,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":{"min":89,"max":94},"biblio":{"volume":"4","issue":"2","first_page":"1","last_page":"18"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10734","display_name":"Information and Cyber Security","score":0.9991999864578247,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T10734","display_name":"Information and Cyber Security","score":0.9991999864578247,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10703","display_name":"Business Process Modeling and Analysis","score":0.9940000176429749,"subfield":{"id":"https://openalex.org/subfields/1404","display_name":"Management Information Systems"},"field":{"id":"https://openalex.org/fields/14","display_name":"Business, Management and Accounting"},"domain":{"id":"https://openalex.org/domains/2","display_name":"Social Sciences"}},{"id":"https://openalex.org/T10260","display_name":"Software Engineering Research","score":0.9805999994277954,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/business-process-model-and-notation","display_name":"Business Process Model and Notation","score":0.8735473155975342},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.8390765190124512},{"id":"https://openalex.org/keywords/business-process","display_name":"Business process","score":0.5787790417671204},{"id":"https://openalex.org/keywords/business-process-modeling","display_name":"Business process modeling","score":0.5624428987503052},{"id":"https://openalex.org/keywords/software-engineering","display_name":"Software engineering","score":0.5256905555725098},{"id":"https://openalex.org/keywords/process","display_name":"Process (computing)","score":0.5089666843414307},{"id":"https://openalex.org/keywords/service","display_name":"Service (business)","score":0.48584720492362976},{"id":"https://openalex.org/keywords/process-modeling","display_name":"Process modeling","score":0.4585142135620117},{"id":"https://openalex.org/keywords/notation","display_name":"Notation","score":0.4294856786727905},{"id":"https://openalex.org/keywords/representation","display_name":"Representation (politics)","score":0.4206051826477051},{"id":"https://openalex.org/keywords/xpdl","display_name":"XPDL","score":0.4136124849319458},{"id":"https://openalex.org/keywords/unified-modeling-language","display_name":"Unified Modeling Language","score":0.41276082396507263},{"id":"https://openalex.org/keywords/process-management","display_name":"Process management","score":0.3914697766304016},{"id":"https://openalex.org/keywords/software","display_name":"Software","score":0.2723330557346344},{"id":"https://openalex.org/keywords/database","display_name":"Database","score":0.20093822479248047},{"id":"https://openalex.org/keywords/work-in-process","display_name":"Work in process","score":0.19688639044761658},{"id":"https://openalex.org/keywords/programming-language","display_name":"Programming language","score":0.15243077278137207},{"id":"https://openalex.org/keywords/workflow","display_name":"Workflow","score":0.1524059772491455},{"id":"https://openalex.org/keywords/linguistics","display_name":"Linguistics","score":0.08135303854942322}],"concepts":[{"id":"https://openalex.org/C179299601","wikidata":"https://www.wikidata.org/wiki/Q1017605","display_name":"Business Process Model and Notation","level":5,"score":0.8735473155975342},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.8390765190124512},{"id":"https://openalex.org/C85345410","wikidata":"https://www.wikidata.org/wiki/Q851587","display_name":"Business process","level":3,"score":0.5787790417671204},{"id":"https://openalex.org/C207505557","wikidata":"https://www.wikidata.org/wiki/Q4374012","display_name":"Business process modeling","level":4,"score":0.5624428987503052},{"id":"https://openalex.org/C115903868","wikidata":"https://www.wikidata.org/wiki/Q80993","display_name":"Software engineering","level":1,"score":0.5256905555725098},{"id":"https://openalex.org/C98045186","wikidata":"https://www.wikidata.org/wiki/Q205663","display_name":"Process (computing)","level":2,"score":0.5089666843414307},{"id":"https://openalex.org/C2780378061","wikidata":"https://www.wikidata.org/wiki/Q25351891","display_name":"Service (business)","level":2,"score":0.48584720492362976},{"id":"https://openalex.org/C76956256","wikidata":"https://www.wikidata.org/wiki/Q27610560","display_name":"Process modeling","level":3,"score":0.4585142135620117},{"id":"https://openalex.org/C45357846","wikidata":"https://www.wikidata.org/wiki/Q2001982","display_name":"Notation","level":2,"score":0.4294856786727905},{"id":"https://openalex.org/C2776359362","wikidata":"https://www.wikidata.org/wiki/Q2145286","display_name":"Representation (politics)","level":3,"score":0.4206051826477051},{"id":"https://openalex.org/C130536060","wikidata":"https://www.wikidata.org/wiki/Q592375","display_name":"XPDL","level":4,"score":0.4136124849319458},{"id":"https://openalex.org/C145644426","wikidata":"https://www.wikidata.org/wiki/Q169411","display_name":"Unified Modeling Language","level":3,"score":0.41276082396507263},{"id":"https://openalex.org/C195094911","wikidata":"https://www.wikidata.org/wiki/Q14167904","display_name":"Process management","level":1,"score":0.3914697766304016},{"id":"https://openalex.org/C2777904410","wikidata":"https://www.wikidata.org/wiki/Q7397","display_name":"Software","level":2,"score":0.2723330557346344},{"id":"https://openalex.org/C77088390","wikidata":"https://www.wikidata.org/wiki/Q8513","display_name":"Database","level":1,"score":0.20093822479248047},{"id":"https://openalex.org/C174998907","wikidata":"https://www.wikidata.org/wiki/Q357662","display_name":"Work in process","level":2,"score":0.19688639044761658},{"id":"https://openalex.org/C199360897","wikidata":"https://www.wikidata.org/wiki/Q9143","display_name":"Programming language","level":1,"score":0.15243077278137207},{"id":"https://openalex.org/C177212765","wikidata":"https://www.wikidata.org/wiki/Q627335","display_name":"Workflow","level":2,"score":0.1524059772491455},{"id":"https://openalex.org/C41895202","wikidata":"https://www.wikidata.org/wiki/Q8162","display_name":"Linguistics","level":1,"score":0.08135303854942322},{"id":"https://openalex.org/C17744445","wikidata":"https://www.wikidata.org/wiki/Q36442","display_name":"Political science","level":0,"score":0.0},{"id":"https://openalex.org/C94625758","wikidata":"https://www.wikidata.org/wiki/Q7163","display_name":"Politics","level":2,"score":0.0},{"id":"https://openalex.org/C162853370","wikidata":"https://www.wikidata.org/wiki/Q39809","display_name":"Marketing","level":1,"score":0.0},{"id":"https://openalex.org/C188220564","wikidata":"https://www.wikidata.org/wiki/Q3325097","display_name":"Workflow engine","level":3,"score":0.0},{"id":"https://openalex.org/C144133560","wikidata":"https://www.wikidata.org/wiki/Q4830453","display_name":"Business","level":0,"score":0.0},{"id":"https://openalex.org/C136264566","wikidata":"https://www.wikidata.org/wiki/Q159810","display_name":"Economy","level":1,"score":0.0},{"id":"https://openalex.org/C138885662","wikidata":"https://www.wikidata.org/wiki/Q5891","display_name":"Philosophy","level":0,"score":0.0},{"id":"https://openalex.org/C199539241","wikidata":"https://www.wikidata.org/wiki/Q7748","display_name":"Law","level":1,"score":0.0},{"id":"https://openalex.org/C162324750","wikidata":"https://www.wikidata.org/wiki/Q8134","display_name":"Economics","level":0,"score":0.0}],"mesh":[],"locations_count":2,"locations":[{"id":"doi:10.4018/jsse.2013040101","is_oa":false,"landing_page_url":"https://doi.org/10.4018/jsse.2013040101","pdf_url":null,"source":{"id":"https://openalex.org/S43656255","display_name":"International Journal of Secure Software Engineering","issn_l":"1947-3036","issn":["1947-3036","1947-3044"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310320424","host_organization_name":"IGI Global","host_organization_lineage":["https://openalex.org/P4310320424"],"host_organization_lineage_names":["IGI Global"],"type":"journal"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"International Journal of Secure Software Engineering","raw_type":"journal-article"},{"id":"pmh:oai:RePEc:igg:jsse00:v:4:y:2013:i:2:p:1-18","is_oa":false,"landing_page_url":"http://services.igi-global.com/resolvedoi/resolve.aspx?doi=10.4018/jsse.2013040101","pdf_url":null,"source":{"id":"https://openalex.org/S4306401271","display_name":"RePEc: Research Papers in Economics","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I77793887","host_organization_name":"Federal Reserve Bank of St. Louis","host_organization_lineage":["https://openalex.org/I77793887"],"host_organization_lineage_names":[],"type":"repository"},"license":null,"license_id":null,"version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"","raw_type":"article"}],"best_oa_location":null,"sustainable_development_goals":[{"display_name":"Partnerships for the goals","score":0.4300000071525574,"id":"https://metadata.un.org/sdg/17"}],"awards":[],"funders":[],"has_content":{"pdf":false,"grobid_xml":false},"content_urls":null,"referenced_works_count":26,"referenced_works":["https://openalex.org/W408019","https://openalex.org/W81799720","https://openalex.org/W146540859","https://openalex.org/W1751915865","https://openalex.org/W2005497495","https://openalex.org/W2011823066","https://openalex.org/W2051739511","https://openalex.org/W2076622132","https://openalex.org/W2082260209","https://openalex.org/W2103644359","https://openalex.org/W2104692292","https://openalex.org/W2110143060","https://openalex.org/W2116585427","https://openalex.org/W2132744877","https://openalex.org/W2134187816","https://openalex.org/W2149751311","https://openalex.org/W2161778459","https://openalex.org/W2164244929","https://openalex.org/W2166360477","https://openalex.org/W2169552304","https://openalex.org/W2185339795","https://openalex.org/W2759273942","https://openalex.org/W2985372241","https://openalex.org/W3161918289","https://openalex.org/W6689250347","https://openalex.org/W6744384640"],"related_works":["https://openalex.org/W4360764654","https://openalex.org/W2004965561","https://openalex.org/W2548538367","https://openalex.org/W2048823690","https://openalex.org/W1778671501","https://openalex.org/W2408087754","https://openalex.org/W2908501282","https://openalex.org/W2754051655","https://openalex.org/W4386781087","https://openalex.org/W3142251153"],"abstract_inverted_index":{"The":[0],"Business":[1],"Process":[2],"Modeling":[3],"Notation":[4],"(BPMN)":[5],"has":[6,53],"become":[7],"a":[8,58,128],"popular":[9],"standard":[10],"for":[11,22,110,155],"expressing":[12],"high":[13],"level":[14],"business":[15],"processes":[16],"as":[17,19],"well":[18],"technical":[20],"specifications":[21],"software":[23],"systems.":[24],"However,":[25],"the":[26,72,84,145],"specification":[27,112],"does":[28],"not":[29,39,79],"contain":[30],"native":[31],"support":[32],"to":[33,50,55],"express":[34],"security":[35,67,85,95],"information,":[36],"which":[37],"should":[38],"be":[40],"overlooked":[41],"in":[42,83,96,105,108],"today\u2019s":[43],"world":[44],"where":[45],"every":[46],"organization":[47],"is":[48],"exposed":[49],"threats":[51,104],"and":[52,98,113,137,152,159],"assets":[54],"protect.":[56],"Although":[57],"substantial":[59],"amount":[60],"of":[61,94,102,116,147],"work":[62],"enhancing":[63],"BPMN":[64,97,106,123],"1.x":[65],"with":[66,119,124],"related":[68],"information":[69,126],"already":[70],"exists,":[71],"opportunities":[73],"provided":[74],"by":[75],"version":[76],"2.0":[77],"have":[78,141],"received":[80],"much":[81],"attention":[82],"community":[86],"so":[87],"far.":[88],"This":[89],"paper":[90],"gives":[91],"an":[92],"overview":[93],"investigates":[99],"several":[100],"possibilities":[101],"representing":[103],"2.0,":[107],"particular":[109],"design-time":[111],"runtime":[114],"execution":[115],"composite":[117],"services":[118],"dynamic":[120],"behavior.":[121],"Enriching":[122],"threat":[125,130],"enables":[127],"process-centric":[129],"modeling":[131],"approach":[132],"that":[133],"complements":[134],"risk":[135],"assessment":[136],"attack":[138],"scenarios.":[139],"We":[140],"included":[142],"examples":[143],"showing":[144],"use":[146],"error":[148],"events,":[149],"escalation":[150],"events":[151],"text":[153],"annotations":[154],"process,":[156],"collaboration,":[157],"choreography":[158],"conversation":[160],"diagrams.":[161]},"counts_by_year":[{"year":2014,"cited_by_count":1}],"updated_date":"2026-02-09T09:26:11.010843","created_date":"2025-10-10T00:00:00"}