A security modeling approach for web-service-based business processes

Meiko Jensen*, Sven Feja

*Kontaktforfatter for dette arbejde

Publikation: Bidrag til bog/antologi/rapport/konference-proceedingKonferencebidrag i proceedingsForskningpeer review

Resumé

The rising need for security in SOA applications requires better support for management of non-functional properties in web-based business processes. Here, the model-driven approach may provide valuable benefits in terms of maintainability and deployment. Apart from modeling the pure functionality of a process, the consideration of security properties at the level of a process model is a promising approach. In this work-in-progress paper we present an extension to the ARIS SOA Architect that is capable of modeling security requirements as a separate security model view. Further we provide a transformation that automatically derives WS-SecurityPolicy-conformant security policies from the process model, which in conjunction with the generated WS-BPEL processes and WSDL documents provides the ability to deploy and run the complete security-enhanced process based on Web Service technology.

OriginalsprogEngelsk
TitelProceedings of the International Symposium and Workshop on Engineering of Computer Based Systems
Antal sider8
Publikationsdato16. jul. 2009
Sider340-347
Artikelnummer4839262
ISBN (Trykt)9780769536026
DOI
StatusUdgivet - 16. jul. 2009

Fingeraftryk

Web services
Service oriented architecture (SOA)
Industry
WSDL
Maintainability

Citer dette

Jensen, M., & Feja, S. (2009). A security modeling approach for web-service-based business processes. I Proceedings of the International Symposium and Workshop on Engineering of Computer Based Systems (s. 340-347). [4839262] https://doi.org/10.1109/ECBS.2009.14
Jensen, Meiko ; Feja, Sven. / A security modeling approach for web-service-based business processes. Proceedings of the International Symposium and Workshop on Engineering of Computer Based Systems. 2009. s. 340-347
@inproceedings{c32a1722031c44c38870b969e87bda90,
title = "A security modeling approach for web-service-based business processes",
abstract = "The rising need for security in SOA applications requires better support for management of non-functional properties in web-based business processes. Here, the model-driven approach may provide valuable benefits in terms of maintainability and deployment. Apart from modeling the pure functionality of a process, the consideration of security properties at the level of a process model is a promising approach. In this work-in-progress paper we present an extension to the ARIS SOA Architect that is capable of modeling security requirements as a separate security model view. Further we provide a transformation that automatically derives WS-SecurityPolicy-conformant security policies from the process model, which in conjunction with the generated WS-BPEL processes and WSDL documents provides the ability to deploy and run the complete security-enhanced process based on Web Service technology.",
author = "Meiko Jensen and Sven Feja",
year = "2009",
month = "7",
day = "16",
doi = "10.1109/ECBS.2009.14",
language = "English",
isbn = "9780769536026",
pages = "340--347",
booktitle = "Proceedings of the International Symposium and Workshop on Engineering of Computer Based Systems",

}

Jensen, M & Feja, S 2009, A security modeling approach for web-service-based business processes. i Proceedings of the International Symposium and Workshop on Engineering of Computer Based Systems., 4839262, s. 340-347. https://doi.org/10.1109/ECBS.2009.14

A security modeling approach for web-service-based business processes. / Jensen, Meiko; Feja, Sven.

Proceedings of the International Symposium and Workshop on Engineering of Computer Based Systems. 2009. s. 340-347 4839262.

Publikation: Bidrag til bog/antologi/rapport/konference-proceedingKonferencebidrag i proceedingsForskningpeer review

TY - GEN

T1 - A security modeling approach for web-service-based business processes

AU - Jensen, Meiko

AU - Feja, Sven

PY - 2009/7/16

Y1 - 2009/7/16

N2 - The rising need for security in SOA applications requires better support for management of non-functional properties in web-based business processes. Here, the model-driven approach may provide valuable benefits in terms of maintainability and deployment. Apart from modeling the pure functionality of a process, the consideration of security properties at the level of a process model is a promising approach. In this work-in-progress paper we present an extension to the ARIS SOA Architect that is capable of modeling security requirements as a separate security model view. Further we provide a transformation that automatically derives WS-SecurityPolicy-conformant security policies from the process model, which in conjunction with the generated WS-BPEL processes and WSDL documents provides the ability to deploy and run the complete security-enhanced process based on Web Service technology.

AB - The rising need for security in SOA applications requires better support for management of non-functional properties in web-based business processes. Here, the model-driven approach may provide valuable benefits in terms of maintainability and deployment. Apart from modeling the pure functionality of a process, the consideration of security properties at the level of a process model is a promising approach. In this work-in-progress paper we present an extension to the ARIS SOA Architect that is capable of modeling security requirements as a separate security model view. Further we provide a transformation that automatically derives WS-SecurityPolicy-conformant security policies from the process model, which in conjunction with the generated WS-BPEL processes and WSDL documents provides the ability to deploy and run the complete security-enhanced process based on Web Service technology.

U2 - 10.1109/ECBS.2009.14

DO - 10.1109/ECBS.2009.14

M3 - Article in proceedings

SN - 9780769536026

SP - 340

EP - 347

BT - Proceedings of the International Symposium and Workshop on Engineering of Computer Based Systems

ER -

Jensen M, Feja S. A security modeling approach for web-service-based business processes. I Proceedings of the International Symposium and Workshop on Engineering of Computer Based Systems. 2009. s. 340-347. 4839262 https://doi.org/10.1109/ECBS.2009.14