Composing Non-functional Concerns in Composite Web Services

Schmeling, Benjamin; Charfi, Anis; Mezini, Mira

doi:10.1109/icws.2011.111

Cited by 9 publications

(7 citation statements)

References 10 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…However, this work does not show if and how the generated security configurations are associated to external services. Another relevant initiative in the security automation area is Schmeling [31]. This initiative has three important contributions: (1) proposition of an approach for the composition of non-functional concerns in composite Web services; (2) presentation of a toolset supporting this approach; and (3) development of a runtime architecture for realizing the modeled specification.…”

Section: Translation Of Security-aware Business Processesmentioning

confidence: 99%

“…Related work already focus on related issues such as: specification of security requirements [2,8,19,21,26,28,[34][35][36], translation of high-level security requirements into security executable configurations [21,31,36], translation of the functional business process into an executable process [24,25] and security enforcement [7,9,12,37]. However, there is a lack of a holistic environment that integrates all the aforementioned points, which includes not only the security modeling, translation and enforcement, but also the functional business process automation in the same approach.…”

Section: Introductionmentioning

confidence: 99%

See 1 more Smart Citation

Automation of service-based security-aware business processes in the Cloud

et al. 2015

View full text Add to dashboard Cite

The use of business process standards to model and execute business needs is growing rapidly. In addition, Service-oriented Computing has been adopted to realize business processes, which basically consists of executing the process activities using services available in the Internet. In this context, the importance of security is apparent, because sensitive data sent over the Internet may be accessed by unauthorized thirdparties. To prevent security problems, users may associate security requirements that must be enforced in essential tasks of the business process. This fact leads to the need of automation, because both functional and security requirements should be modeled, at high-level, and enforced, at execution level. This work proposes a cloud-based solution named BPA-Sec4Cloud that supports all phases of the security-aware business process automation, from its modeling to its deployment. The use of a cloud-based solution facilitates the deployment process because all needed resources are available in the cloud and ready to be used. In addition, the cloud is also used as a platform in order to provide specific services, such as translators, to support the automation process. In order to evaluate the BPA-Sec4Cloud, the solution was compared against existing solutions through the use of metrics related to the quality of generated artifacts. B Fernando Lins

show abstract

Section: Translation Of Security-aware Business Processesmentioning

confidence: 99%

Section: Introductionmentioning

confidence: 99%

Automation of service-based security-aware business processes in the Cloud

et al. 2015

View full text Add to dashboard Cite

show abstract

“…In this section, we provide an overview of the NFComp approach [11,12] for composing non-functional concerns in business processes. NFComp is a modeldriven approach for concern composition that superposes non-functional concerns (NFCs), such as security, performance, or transactional behavior, into finegrained non-functional actions (NFAs).…”

Section: Composing Non-functional Concerns For Servicesmentioning

confidence: 99%

“…We focus on the technical realization through the composition of individual actions, regarding distinct security properties. The actions and their compositions are then combined with the base process model using the NFComp modeling framework [11]. This generic framework covers the life cycle of non-functional concerns from modeling to execution.…”

Section: Introductionmentioning

confidence: 99%

A Model-Driven Approach for Accountability in Business Processes

Oliveira¹,

Charfi²,

Schmeling³

et al. 2014

Enterprise, Business-Process and Information Systems Modeling

Self Cite

View full text Add to dashboard Cite

Abstract. Accountability provides the necessary assurance to different stakeholders (customers, auditors, regulators) about the correct execution of the obligations concerning compliance requirements. Modeling accountability in a business process is an important problem, as SOA is the generally accepted standard for IT systems. This requires the orchestration of several non-functional concerns across services (such as authentication, authorization, logging, among others) to attest the correct operation of control activities. In this paper, we show how a model-driven framework for non-functional concerns can integrate accountability in business processes. Using the NFComp modeling framework, we define and compose a set of non-functional concerns that securely assert that subjects have fulfilled their responsibilities, towards realizing accountability. The approach allows the reuse of the composed accountability concerns in different processes.

show abstract

“…The work of Chollet et al [7] defines a proposal to associate non-functional quality properties (security properties) to functional activities in a web service composition model. Schmeling et al [21] present an approach and also a toolset for specifying and implementing non-functional concerns in web service compositions. Non-functional concerns are modelled and then related to a service composition represented in a BPMN diagram.…”

Section: Related Workmentioning

confidence: 99%

Supporting Non-functional Requirements in Services Software Development Process: An MDD Approach

Castro

Musicante

Costa

et al. 2014

SOFSEM 2014: Theory and Practice of Computer Science

View full text Add to dashboard Cite

Abstract. This paper presents the π-SODM method an extension to the Service Oriented Development Method (SOD-M) to support the development of services software considering their functional and non-functional requirements. Specifically, π-SODM proposes: (i) meta-models for representing non-functional requirements in different abstraction levels; (ii) model-to-model transformation rules, useful to semi-automatically refine Platform Independent Models into Platform Specific Models; and (iii) rules to transform Platform Specific Models into concrete implementations. In order to illustrate the use of this methodology the paper describes how its use to develop a proof-of-concept.

show abstract

Composing Non-functional Concerns in Composite Web Services

Cited by 9 publications

References 10 publications

Automation of service-based security-aware business processes in the Cloud

Automation of service-based security-aware business processes in the Cloud

A Model-Driven Approach for Accountability in Business Processes

Supporting Non-functional Requirements in Services Software Development Process: An MDD Approach

Contact Info

Product

Resources

About