Multi Domain-Specific Modeling of the Security Concerns of Service-Oriented Architectures

Gallino, Juan Pedro Silva; Miguel, Miguel de; Briones, Javier Fernández; Alonso, Alejandro

doi:10.1109/scc.2011.102

Cited by 2 publications

(2 citation statements)

References 2 publications

Supporting

Mentioning

Contrasting

Unclassified

Order By: Relevance

“…In [9] the authors define an approach, which ensures the generation of security configurations from business process models. In the first step, the business process model is annotated with abstract security intents using different models and notations: like UML'S SOAML profile, UML's QoS profile, and secureUML.…”

Section: Related Workmentioning

confidence: 99%

An Aspect-Oriented Approach to Enforce Security Properties in Business Processes

Yahya

Turki

Charfi

et al. 2013

Service-Oriented Computing

View full text Add to dashboard Cite

Security is an essential requirement for business processes. However, we observe that security is mostly addressed at the technical implementation level and not at the design level. In a previous work we motivated the need to address security already in business process modeling. In this paper, we show how one could use Aspect-Oriented Programming (AOP) to enforce security requirements in a modular way. Starting from a business process model where security requirements are expressed using a profile mechanism we generate As-pectJ [1] code, which enforces those requirements. This generation is based on a set of Model-to-Text transformation rules. As security is a typical example for crosscutting concerns the usage of aspects allows for a modular implementation, in which the implementation of the business process is separated from the implementation of the security properties.

show abstract

Section: Related Workmentioning

confidence: 99%

An Aspect-Oriented Approach to Enforce Security Properties in Business Processes

Yahya

Turki

Charfi

et al. 2013

Service-Oriented Computing

View full text Add to dashboard Cite

show abstract

“…El proceso que se presenta, que extiende y detalla el presentado por primera vez en [Silva Gallino, J. P. and de Miguel, M. A. and Briones, J. F. and Alonso, A. (2011a)], hace uso de ontologías para el descubrimiento de modelos NF almacenados en repositorios.…”

Section: Introductionunclassified

Estrategia Guiada por Modelos para incluir Aspectos de Seguridad en Sistemas Empotrados Basados en Servicios Web

Gallino

Miguel

Briones

et al. 2014

Revista Iberoamericana de Automática e Informática Industrial R

Self Cite

View full text Add to dashboard Cite

En los sistemas distribuidos modernos, como la Internet o Web de las Cosas, la seguridad juega un papel preponderante. Debe prestarse especial atención a la consideración de estos aspectos en las primeras etapas de desarrollo. En este contexto, el desarrollo guiado por modelos de requisitos no funcionales (NF) presenta especial interés, ya que aborda dichas características NF en la etapa de diseño, cuando todavía se pueden realizar análisis, y aún hay margen para modificaciones antes de queéstas sean muy costosas. El uso de estas metodologías guiadas por modelos ofrece beneficios tales como el aumento de la productividad, una mayor reutilización de los elementos de diseño, o una mejor mantenibilidad del sistema. Este artículo presenta una estrategia de desarrollo que permite integrar aspectos NF de seguridad (confidencialidad, integridad, y control de acceso) en los sistemas de software empotrado.

show abstract

Multi Domain-Specific Modeling of the Security Concerns of Service-Oriented Architectures

Cited by 2 publications

References 2 publications

An Aspect-Oriented Approach to Enforce Security Properties in Business Processes

An Aspect-Oriented Approach to Enforce Security Properties in Business Processes

Estrategia Guiada por Modelos para incluir Aspectos de Seguridad en Sistemas Empotrados Basados en Servicios Web

Contact Info

Product

Resources

About