Title :
A Security Modeling Approach for Web-Service-Based Business Processes
Author :
Jensen, Meiko ; Feja, Sven
Author_Institution :
Horst Gortz Inst. for IT-Security, Ruhr Univ. Bochum, Bochum
Abstract :
The rising need for security in SOA applications requires better support for management of non-functional properties in Web-based business processes. Here, the model-driven approach may provide valuable benefits in terms of maintainability and deployment. Apart from modeling the pure functionality of a process, the consideration of security properties at the level of a process model is a promising approach. In this work-in-progress paper we present an extension to the ARIS SOA architect that is capable of modeling security requirements as a separate security model view. Further we provide a transformation that automatically derives WS-security policy-conformant security policies from the process model, which in conjunction with the generated WS-BPEL processes and WSDL documents provides the ability to deploy and run the complete security-enhanced process based on Web service technology.
Keywords :
Web services; business data processing; formal specification; object-oriented programming; security of data; software architecture; specification languages; SOA; WS-BPEL process; WSDL document; Web service-based business process; conformant security policy; model-driven approach; nonfunctional property management; security requirements modeling; Access control; Application software; Computer science; Computer security; Conferences; Data security; Information security; Programming; Service oriented architecture; Web services; SOA; Web Services; security; security model; views;
Conference_Titel :
Engineering of Computer Based Systems, 2009. ECBS 2009. 16th Annual IEEE International Conference and Workshop on the
Conference_Location :
San Francisco, CA
Print_ISBN :
978-0-7695-3602-6
DOI :
10.1109/ECBS.2009.14
