Commenced in January 2007
Frequency: Monthly
Edition: International
Paper Count: 32731
SeCloudBPMN: A Lightweight Extension for BPMN Considering Security Threats in the Cloud

Authors: Somayeh Sobati Moghadam


Business processes are crucial for organizations and help businesses to evaluate and optimize their performance and processes against current and future-state business goals. Outsourcing business processes to the cloud becomes popular due to a wide varsity of benefits and cost-saving. However, cloud outsourcing raises enterprise data security concerns, which must be incorporated in Business Process Model and Notation (BPMN). This paper, presents SeCloudBPMN, a lightweight extension for BPMN which extends the BPMN to explicitly support the security threats in the cloud as an outsourcing environment. SeCloudBPMN helps business’s security experts to outsource business processes to the cloud considering different threats from inside and outside the cloud. In this way, appropriate security countermeasures could be considered to preserve data security in business processes outsourcing to the cloud.

Keywords: BPMN, security threats, cloud computing, graphical representation.

Digital Object Identifier (DOI):

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 720


[1] S. Sobati-Moghadam and A. Fayoumi, “Private collaborative business benchmarking in the cloud,” in Computing Conference 2018. London, UK. IEEE Xplore, 2018.
[2] E. Shi, J. Bethencourt, T.-H. Chan, D. Song, and A. Perrig, “Multi-dimensional range query over encrypted data,” in Security and Privacy, 2007. SP’07. IEEE Symposium on. IEEE, 2007, pp. 350–364.
[3] E. Damiani, S. di Vimercati, S. Foresti, S. Jajodia, S. Paraboschi, and P. Samarati, “Key management for multi-user encrypted databases,” in Proceedings of the 2005 ACM workshop on Storage security and survivability. ACM, 2005, pp. 74–83.
[4] OMG, Business Process Model and Notation (BPMN), Version 2.0, Object Management Group Std., Rev. 2.0, January 2011.
[Online]. Available:
[5] M. Rekik, K. Boukadi, and H. Ben-Abdallah, “Towards outsource-ability enabled BPMN,” in ICSOFT-EA 2015 - Proceedings of the 10th International Conference on Software Engineering and Applications, France, 20-22 July,, 2015, pp. 5–14.
[Online]. Available:
[6] Y. Alotaibi, “Business process modelling challenges and solutions: a literature review,” Journal of Intelligent Manufacturing, vol. 27, no. 4, pp. 701–723, Aug 2016.
[Online]. Available:
[7] A. Goldstein and U. Frank, “A language for multi-perspective modelling of it security: Objectives and analysis of requirements,” in Business Process Management Workshops, M. La Rosa and P. Soffer, Eds. Berlin, Heidelberg: Springer Berlin Heidelberg, 2013, pp. 636–648.
[8] T. Neubauer, M. Klemen, and S. Biffl, “Secure business process management: A roadmap,” in Proceedings of First International Conference on Availability, Reliability and Security, ARES, 2006.
[9] D.-H. Yang, S. Kim, C. Nam, and J.-W. Min, “Developing a decision model for business process outsourcing,” Comput. Oper. Res., vol. 34, no. 12, pp. 3769–3778, Dec. 2007.
[Online]. Available:
[10] S. Sobati-M, J. Darmont, and G. Gavin, “Enforcing privacy in cloud databases,” in Big Data Analytics and Knowledge Discovery - 19th International Conference, DaWaK 2017, Lyon, France, August 28-31, 2017, Proceedings, ser. Lecture Notes in Computer Science, L. Bellatreche and S. Chakravarthy, Eds., vol. 10440. Springer, 2017, pp. 53–73.