A RISK BASED APPROACH FOR SELECTING SERVICES IN BUSINESS PROCESS EXECUTION

Authors

Stefan Sackmann, University of Freiburg, Institute of Computer Science & Social Studies, Department of Telematics
Lutz Lowis, University of Freiburg, Institute of Computer Science & Social Studies, Department of Telematics
Kai Kittel, University of Freiburg, Institute of Computer Science & Social Studies, Department of Telematics

Abstract

The vision of automated business processes within a service-oriented paradigm includes the flexible orchestration of IT services. Whenever alternative services are available for activities in an ITsupported business process, an automated decision is worth aspiring to. According to valueoriented management, this decision should be motivated economically and also requires taking account of risk. This paper presents a novel approach for assessing the risk of IT services, based on vulnerability information as can be obtained in the form of publicly available Common Vulnerability Scoring System (CVSS) data.

Recommended Citation

Sackmann, Stefan; Lowis, Lutz; and Kittel, Kai, "A RISK BASED APPROACH FOR SELECTING SERVICES IN BUSINESS PROCESS EXECUTION" (2009). Wirtschaftsinformatik Proceedings 2009. 38.
https://aisel.aisnet.org/wi2009/38