Modeling and enforcing secure object flows in process-driven SOAs: an integrated model-driven approach

  • Theme Section Paper
Software & Systems Modeling

Abstract

In this paper, we present an integrated model-driven approach for the specification and the enforcement of secure object flows in process-driven service-oriented architectures (SOA). In this context, a secure object flow ensures the confidentiality and the integrity of important objects (such as business contracts or electronic patient records) that are passed between different participants in SOA-based business processes. We specify a formal and generic metamodel for secure object flows that can be used to extend arbitrary process modeling languages. To demonstrate our approach, we present a UML extension for secure object flows. Moreover, we describe how platform-independent models are mapped to platform-specific software artifacts via automated model transformations. In addition, we give a detailed description of how we integrated our approach with the Eclipse modeling tools.

Notes

  1. For the sake of simplicity, Figs. 3 and 4 show only two incoming/outgoing flows for the respective control nodes. However, the corresponding discussion equally applies to an arbitrary number of incoming/outgoing edges, of course.

  2. For some of our OCL constraints, Appendix A provides two alternative OCL statements expressing the identical constraint, each complying with a different version of the OCL standard. OCL Constraints 4a and 6a comply with OCL version 2.2 [56], while OCL Constraints 4b and 6b use new language constructs from the OCL 2.3.1 standard [57]. The two versions differ only in the definitions of allSuccessors() and allPredecessors(), which are interchangeable.

  3. For example, an alternative visualization of SecureObjectFlows attributes would use comments/constraints attached to secure object nodes directly in an activity diagram.

  4. Note, however, that we make these assumptions only to simplify the following explanations; our approach does not depend on them.

  5. Note that such “choreography roles” only model which participant provides and/or requests specific functions/interfaces. They do not model access control roles. For the definition of process-related access control models, the SecureObjectFlows extension is integrated with the extension presented in [85].

  6. All modeling and implementation artifacts are available from http://nm.wu.ac.at/modsec.

  7. This constraint conforms to the OCL standard version 2.2 [56].

  8. This constraint conforms to the OCL standard version 2.3.1 [57].

  9. This constraint conforms to the OCL standard version 2.2 [56].

  10. This constraint conforms to the OCL standard version 2.3.1 [57].

  11. Here, an OCL 2.3.1 compliant definition is omitted. For an OCL 2.3.1 compliant definition of allPredecessors() see OCL Constraint 6b in Appendix A.

  12. Here, an OCL 2.3.1 compliant definition is omitted. For an OCL 2.3.1 compliant definition of allPredecessors() see OCL Constraint 6b in Appendix A.

  13. Here, an OCL 2.3.1 compliant definition is omitted. For an OCL 2.3.1 compliant definition of allSuccessors() see OCL Constraint 4b in Appendix A.

References

  1. Apache Software Foundation (ASF): Apache Axis2. http://axis.apache.org/axis2/java/core/ (2012)

  2. Apache Software Foundation (ASF): Apache ODE. http://ode.apache.org (2012)

  3. Apache Software Foundation (ASF): Apache Rampart—Axis2 Security Module. http://axis.apache.org/axis2/java/rampart/ (2012)

  4. Axenath, B., Kindler, E., Rubin, V.: AMFIBIA: a meta-model for the integration of business process modelling aspects. In: Leymann, F., Reisig, W., Thatte, S., van der Aalst, W. (eds.) The Role of Business Processes in Service Oriented Architectures, Dagstuhl Seminar Proceedings (2006)

  5. Basin, D., Doser, J., Lodderstedt, T.: Model driven security: from UML models to access control infrastructures. ACM Transact. Softw. Eng. Methodol. (TOSEM) 15(1), 39–91 (2006)

  6. Baumgrass, A., Baier, T., Mendling, J., Strembeck, M.: Conformance checking of RBAC policies in process-aware information systems. In: Proceedings of the Workshop on Workflow Security Audit and Certification (WfSAC), Lecture Notes in Business Information Processing (LNBIP), vol. 100. Springer, Berlin (2011)

  7. Cannon, J., Byers, M.: Compliance deconstructed. ACM Queue 4(7), 30–37 (2006)

  8. Committee on National Security Systems (CNSS): National Information Assurance (IA): glossary. http://www.cnss.gov/Assets/pdf/cnssi_4009.pdf (2010)

  9. Damianides, M.: How does SOX change IT? J. Corp. Account. Finance 15(6), 35–41 (2004)

  10. Eclipse Foundation: Eclipse IDE. http://www.eclipse.org (2012)

  11. Eclipse Foundation: Eclipse model development tools (MDT). http://www.eclipse.org/modeling/mdt/ (2012)

  12. Eclipse Foundation: Eclipse Papyrus. http://www.eclipse.org/modeling/mdt/papyrus/ (2012)

  13. Elvesæter, B., Berre, A.-J., Sadovykh, A.: Specifying services using the service oriented architecture modeling language (SoaML)—a baseline for specification of cloud-based services. In: Proceedings of the 1st International Conference on Cloud Computing and Services Science (CLOSER’11), pp. 276–285. SciTePress (2011)

  14. Elvesæter, B., Carrez, C., Mohagheghi, P., Berre, A.-J., Johnsen, S., Solberg, A.: Model-driven service engineering with SoaML. In: Service Engineering—European Research Results, pp. 25–54. Springer, Berlin (2011)

  15. Fink, T., Koch, M., Pauls, K.: An MDA approach to access control specifications using MOF and UML profiles. In: Electronic Notes in Theoretical Computer Science, pp. 161–179 (2006)

  16. International Organization for Standardization (ISO): Information technology: security techniques—code of practice for information security management, ISO/IEC 27002:2005, Stage: 90.92. http://www.iso.org/iso/iso_catalogue/catalogue_tc/catalogue_detail.htm?csnumber=50297 (2008)

  17. International Organization for Standardization (ISO): Information technology: security techniques—information security management systems—requirements, ISO/IEC 27001:2005, Stage: 90.92. http://www.iso.org/iso/iso_catalogue/catalogue_tc/catalogue_detail.htm?csnumber=42103 (2008)

  18. International Organization for Standardization (ISO): Information technology—security techniques—information security management systems—overview and vocabulary, ISO/IEC 27000:2009, Stage: 60.60. http://www.iso.org/iso/iso_catalogue/catalogue_tc/catalogue_detail.htm?csnumber=41933 (2009)

  19. Foster, H., Gönczy, L., Koch, N., Mayer, P., Montangero, C., Varró, D.: UML extensions for service-oriented systems. In: Wirsing, M., Hölzl, M. (eds.) Rigorous Software Engineering for Service-Oriented Systems, Lecture Notes in Computer Science (LNCS), pp. 35–60. Springer, Berlin (2011)

  20. Gilmore, S., Gönczy, L., Koch, N., Mayer, P., Tribastone, M., Varró, D.: Non-functional properties in the model-driven development of service-oriented systems. Softw. Syst. Model. 10(3), 287–311 (2011)

  21. Hafner, M., Alam, M., Breu, R.: Towards a MOF/QVT-based domain architecture for model driven security. In: Proceedings of the 9th International Conference on Model Driven Engineering Languages and Systems (MODELS 2006), Lecture Notes in Computer Science (LNCS), pp. 275–290. Springer, Berlin (2006)

  22. Hafner, M., Breu, R.: Security Engineering for Service-Oriented Architectures, 1st edn. Springer, Berlin (2009)

  23. Hafner, M., Breu, R., Agreiter, B., Nowak, A.: SECTET: an extensible framework for the realization of secure inter-organizational workflows. Internet Res. 16(5), 491–506 (2006)

  24. Hafner, M., Memon, M., Alam, M.: Modeling and enforcing advanced access control policies in healthcare systems with SECTET. In: Giese, H. (ed.) Models in Software Engineering, pp. 132–144. Springer, Berlin (2008)

  25. Hentrich, C., Zdun, U.: A pattern language for process execution and integration design in service-oriented architectures. In: Noble, J., Johnson, R. (eds.) Transactions on Pattern Languages of Programming I, Lecture Notes in Computer Science (LNCS), pp. 136–191. Springer, Berlin (2009)

  26. Hoisl, B., Sobernig, S.: Integrity and confidentiality annotations for service interfaces in SoaML models. In: Proceedings of the International Workshop on Security Aspects of Process-aware Information Systems (SAPAIS2011), pp. 673–679. IEEE (2011)

  27. Hoisl, B., Strembeck, M.: Modeling support for confidentiality and integrity of object flows in activity models. In: Proceedings of the 14th International Conference on Business Information Systems (BIS2011), Lecture Notes in Business Information Processing (LNBIP), pp. 278–289. Springer, Berlin (2011)

  28. Hoisl, B., Strembeck, M.: A UML extension for the model-driven specification of audit rules. In: Proceedings of the 2nd International Workshop on Information Systems Security Engineering (WISSE), Lecture Notes in Business Information Processing (LNBIP). Springer, Berlin (2012)

  29. Huhns, M., Singh, M.: Service-oriented computing: key concepts and principles. IEEE Internet Comput. 9, 75–81 (2005)

  30. Hummer, W., Gaubatz, P., Strembeck, M., Zdun, U., Dustdar, S.: An integrated approach for identity and access management in a SOA context. In: Proceedings of the 16th ACM Symposium on Access Control Models and Technologies (SACMAT) (2011)

  31. Jensen, M., Feja, S.: A security modeling approach for web-service-based business processes. In: Proceedings of the 16th Annual IEEE International Conference and Workshop on the Engineering of Computer Based Systems, pp. 340–347. IEEE (2009)

  32. Jürjens, J.: UMLsec: extending UML for secure systems development. In: Proceedings of the 5th International Conference on The Unified Modeling Language, pp. 412–425. Springer, Berlin (2002)

  33. Jürjens, J.: Secure Systems Development with UML. Springer, Berlin (2005)

  34. Kim, S., Burger, D., Carrington, D.: An MDA approach towards integrating formal and informal modeling languages. In: Proceedings of the International Symposium of Formal Methods Europe, Lecture Notes in Computer Science (LNCS), vol. 3582, pp. 448–464. Springer, Berlin (2005)

  35. Kopp, O., Martin, D., Wutke, D., Leymann, F.: The difference between graph-based and block-structured business process modelling languages. Enterp. Model. Inf. Syst. 4(1), 3–13 (2009)

  36. Mayer, P.: Model-driven development for service-oriented computing—transformers. http://mdd4soa.eu/transformers/ (2008)

  37. Mayer, P.: MDD4SOA—model-driven development for service-oriented architectures. PhD thesis, Ludwig Maximilian University of Munich, Faculty of Mathematics, Computer Science and Statistics (2010)

  38. Mayer, P., Koch, N., Schröder, A., Knapp, A.: The UML4SOA profile. http://www.uml4soa.eu/wp-content/uploads/uml4soa.pdf (2010)

  39. Mayer, P., Schröder, A., Koch, N.: MDD4SOA: model-driven service orchestration. In: Proceedings of the 12th International IEEE Enterprise Distributed Object Computing Conference, pp. 203–212. IEEE (2008)

  40. Memon, M., Hafner, M., Breu, R.: SECTISSIMO: a platform-independent framework for security services. In: Proceedings of the Modeling Security Workshop in Association with MODELS 2008 (2008)

  41. Mendling, J., Lassen, K., Zdun, U.: On the transformation of control flow between block-oriented and graph-oriented process modeling languages. Int. J. Business Process Integr. Manag. 3(2), 96–108 (2008)

  42. Mens, T., van Gorp, P.: A taxonomy of model transformation. Electron. Notes Theor. Comput. Sci. 152, 125–142 (2006)

  43. Mishra, S., Weistroffer, H.: A framework for integrating Sarbanes-Oxley compliance into the systems development process. Commun. Assoc. Inf. Systems (CAIS) 20(1), 712–727 (2007)

  44. Nakamura, Y., Tatsubori, M., Imamura, T., Ono, K.: Model-driven security based on a web services security architecture. In: Proceedings of the IEEE International Conference on Services Computing, pp. 7–15. IEEE (2005)

  45. National Institute of Standards and Technology (NIST): An Introduction to Computer Security: The NIST Handbook. Special Publication 800–12. http://csrc.nist.gov/publications/nistpubs/800-12/handbook.pdf (1995)

  46. National Institute of Standards and Technology (NIST): Data Encryption Standard (DES). Federal Information Processing Standards Publication 46–3. http://csrc.nist.gov/publications/fips/fips46-3/fips46-3.pdf (1999)

  47. National Institute of Standards and Technology (NIST): Advanced Encryption Standard (AES). Federal Information Processing Standards Publication 197. http://csrc.nist.gov/publications/fips/fips197/fips-197.pdf (2001)

  48. National Institute of Standards and Technology (NIST): Secure Hash Standard (SHS). Federal Information Processing Standards Publication 180–3. http://csrc.nist.gov/publications/fips/fips180-3/fips180-3_final.pdf (2008)

  49. National Institute of Standards and Technology (NIST): Recommended Security Controls for Federal Information Systems and Organizations. NIST Special Publication 800–53, Revision 3. http://csrc.nist.gov/publications/nistpubs/800-53-Rev3/sp800-53-rev3-final_updated-errata_05-01-2010.pdf (2009)

  50. National Security Agency (NSA): Information assurance technical framework. http://handle.dtic.mil/100.2/ADA393328 (2000)

  51. No Magic, Inc.: MagicDraw. https://www.magicdraw.com (2012)

  52. Object Management Group: OMG Business Process Model and Notation (BPMN) Specification, Version 2.0, formal/2011-01-03. http://www.omg.org/spec/BPMN (2011)

  53. Object Management Group: OMG Meta Object Facility (MOF) Core Specification, Version 2.4.1, formal/2011-08-07. http://www.omg.org/mof (2011)

  54. Object Management Group: Meta Object Facility (MOF) 2.0 Query/View/Transformation Specification, Version 1.1, formal/2011-01-01. http://www.omg.org/spec/QVT (2011)

  55. Object Management Group: OMG MOF 2 XMI Mapping Specification, Version 2.4.1, formal/2011-08-09. http://www.omg.org/spec/XMI (2011)

  56. Object Management Group: OMG Object Constraint Language (OCL) Specification, Version 2.2, formal/2010-02-01. http://www.omg.org/spec/OCL (2010)

  57. Object Management Group: OMG Object Constraint Language (OCL) Specification, Version 2.3.1, formal/2012-01-01. http://www.omg.org/spec/OCL (2012)

  58. Object Management Group: OMG Service oriented architecture Modeling Language (SoaML) Specification, Version 1.0 Beta 2, ptc/2009-12-09. http://www.omg.org/spec/SoaML (2009)

  59. Object Management Group: OMG Unified Modeling Language (OMG UML): superstructure, Version 2.4.1, formal/2011-08-06. http://www.omg.org/spec/UML (2011)

  60. Object Management Group: OMG Unified Modeling Language (OMG UML): infrastructure, Version 2.4.1, formal/2011-08-05. http://www.omg.org/spec/UML (2011)

  61. Organization for the Advancement of Structured Information Standards (OASIS): Web Services Business Process Execution Language, Version 2.0. http://docs.oasis-open.org/wsbpel/2.0/OS/wsbpel-v2.0-OS.pdf (2007)

  62. Organization for the Advancement of Structured Information Standards (OASIS): Reference Architecture Foundation for Service Oriented Architecture, Version 1.0. http://docs.oasis-open.org/soa-rm/soa-ra/v1.0/soa-ra-cd-02.pdf (2009)

  63. Organization for the Advancement of Structured Information Standards (OASIS): WS-SecurityPolicy 1.3. http://docs.oasis-open.org/ws-sx/ws-securitypolicy/v1.3/os/ws-securitypolicy-1.3-spec-os.pdf (2009)

  64. Papazoglou, M., Traverso, P., Dustdar, S., Leymann, F.: Service-oriented computing: state of the art and research challenges. IEEE Comput. 40, 38–45 (2007)

  65. Reznik, J., Ritter, T., Schreiner, R., Lang, U.: Model driven development of security aspects. Electron. Notes Theo. Comput. Sci. 163, 65–79 (2007)

  66. Rodríguez, A., Fernández-Medina, E., Trujillo, J., Piattini, M.: Secure business process model specification through a UML 2.0 activity diagram profile. Decis. Support Syst. 51(3), 446–465 (2011)

  67. Rodríguez, A., García-Rodríguez de Guzmán, I., Fernández-Medina, E., Piattini, M.: Semi-formal transformation of secure business processes into analysis class and use case models: an MDA approach. Inform. Softw. Technol. 52, 945–971 (2010)

  68. Sánchez, Ó., Molina, F., García-Molina, J., Toval, A.: ModelSec: a generative architecture for model-driven security. J. Univ. Comput. Sci. 15(15), 2957–2980 (2009)

  69. Sandhu, R.: On five definitions of data integrity. In: Proceedings of the IFIP WG11.3 Working Conference on Database Security VII (1993)

  70. Scheer, A.-W.: ARIS: Business Process Modeling. Springer, Berlin (2000)

  71. Schefer, S., Strembeck, M.: Modeling process-related duties with extended UML activity and interaction diagrams. In: Proceedings of the International Workshop on Flexible Workflows in Distributed Systems, Electronic Communications of the EASST (2011)

  72. Schefer, S., Strembeck, M.: Modeling support for delegating roles, tasks, and duties in a process-related RBAC context. In: Proceedings of the International Workshop on Information Systems Security Engineering (WISSE), Lecture Notes in Business Information Processing (LNBIP), vol. 83. Springer, Berlin (2011)

  73. Schefer, S., Strembeck, M., Mendling, J.: Checking satisfiability aspects of binding constraints in a business process context. In: Proceedings of the Workshop on Workflow Security Audit and Certification (WfSAC), Lecture Notes in Business Information Processing (LNBIP), vol. 100. Springer, Berlin (2011)

  74. Schefer, S., Strembeck, M., Mendling, J., Baumgrass, A.: Detecting and resolving conflicts of mutual-exclusion and binding constraints in a business process context. In: Proceedings of the 19th International Conference on Cooperative Information Systems (CoopIS), Lecture Notes in Computer Science (LNCS), vol. 7044. Springer, Berlin (2011)

  75. Schefer-Wenzl, S., Strembeck, M.: An approach for consistent delegation in process-aware information systems. In: Proceedings of the 15th International Conference on Business Information Systems (BIS), Lecture Notes in Business Information Processing (LNBIP). Springer, Berlin (2012)

  76. Schefer-Wenzl, S., Strembeck, M.: Modeling context-aware RBAC models for business processes in ubiquitous computing environments. In: Proceedings of the 3rd International Conference on Mobile, Ubiquitous and Intelligent Computing (MUSIC) (2012)

  77. Schmidt, D.: Model-driven engineering: guest editor’s introduction. IEEE Comput. 39(2), 25–31 (2006)

  78. Schmidt, H., Jürjens, J.: Connecting security requirements analysis and secure design using patterns and UMLsec. In: Proceedings of the 23rd International Conference on Advanced Information Systems Engineering (CAiSE), Lecture Notes in Computer Science (LNCS), pp. 367–382. Springer, Berlin (2011)

  79. Selic, B.: The pragmatics of model-driven development. IEEE Softw. 20(5), 19–25 (2003)

  80. Sendall, S., Kozaczynski, W.: Model transformation: the heart and soul of model-driven software development. IEEE Softw. 20(5), 42–45 (2003)

  81. Sobernig, S., Zdun, U.: Invocation assembly lines: patterns of invocation and message processing in object remoting middleware. In: Kelly, A., Weiss, M. (eds.) Proceedings of 14th Annual European Conference on Pattern Languages of Programming (EuroPLoP 2009), CEUR-WS.org, vol. 566. (2009)

  82. Stahl, T., Völter, M.: Model-Driven Software Development. Wiley, New York (2006)

  83. Steinberg, D., Budinsky, F., Paternostro, M., Merks, E.: EMF: Eclipse Modeling Framework. Addison-Wesley, Boston (2008)

  84. Strembeck, M., Mendling, J.: Generic algorithms for consistency checking of mutual-exclusion and binding constraints in a business process context. In: Proceedings of the 18th International Conference on Cooperative Information Systems (CoopIS), Lecture Notes in Computer Science (LNCS), vol. 6426. Springer, Berlin (2010)

  85. Strembeck, M., Mendling, J.: Modeling process-related RBAC models with extended UML activity models. Inform. Softw. Technol. 53(5), 456–483 (2011)

  86. Tatsubori, M., Imamura, T., Nakamura, Y.: Best-practice patterns and tool support for configuring secure web services messaging. In: Proceedings of the IEEE International Conference on Web Services, pp. 244–251. IEEE (2004)

  87. Warner, J., Atluri, V.: Inter-instance authorization constraints for secure workflow management. In: Proceedings of the 11th ACM Symposium on Access Control Models and Technologies (SACMAT) (2006)

  88. Wenzel, S.: CARiSMA. http://vm4a003.itmc.tu-dortmund.de/carisma/web/doku.php (2012)

  89. Wolter, C., Menzel, M., Meinel, C.: Modelling security goals in business processes. In: Modellierung 2008, Lecture Notes in Informatics (LNI), pp. 197–212 (2008)

  90. Wolter, C., Menzel, M., Schaad, A., Miseldine, P., Meinel, C.: Model-driven business process security requirement specification. J. Systems Archit. 55(4), 211–223 (2009)

  91. Wolter, C., Schaad, A.: Modeling of task-based authorization constraints in BPMN. In: Alonso, G., Dadam, P., Rosemann, M. (eds.) Proceedings of the 5th International Conference on Business Process Management (BPM), Lecture Notes in Computer Science (LNCS), vol. 4714, pp. 64–79. Springer, Berlin (2007)

  92. World Wide Web Consortium (W3C): Web Services Description Language (WSDL) 1.1. http://www.w3.org/TR/wsdl (2001)

  93. World Wide Web Consortium (W3C): Web Services Policy 1.5, Attachment. http://www.w3.org/TR/ws-policy-attach/ (2007)

  94. World Wide Web Consortium (W3C): Web Services Policy 1.5, Framework. http://www.w3.org/TR/ws-policy/ (2007)

  95. Zdun, U.: Patterns of component and language integration. In: Manolescu, D., Völter, M., Noble, J. (eds.) Pattern Languages of Program Design 5 (2006)

  96. Zdun, U., Dustdar, S.: Model-driven and pattern-based integration of process-driven SOA models. Int. J. Business Process Integr. Manag. (IJBPIM) 2(2), 109–119 (2007)

  97. Zdun, U., Hentrich, C., Dustdar, S.: Modeling process-driven and service-oriented architectures using patterns and pattern primitives. ACM Transact. Web 1(3), 14:1–14:44 (2007)

Author information

Correspondence to Bernhard Hoisl, Stefan Sobernig or Mark Strembeck.

Additional information

Communicated by Dr. Juan M. Vara, Mike Papazoglou and Il-Yeol Song.

This work has partly been funded by the Austrian Research Promotion Agency (FFG) of the Austrian Federal Ministry for Transport, Innovation and Technology (BMVIT) through the Competence Centers for Excellent Technologies (COMET K1) initiative and the FIT-IT program.

Appendices

Appendix A: Constraints for the SecureObjectFlows package

This section provides the complete list of OCL expressions for the UML extension specified in Sect. 4.

OCL Constraint 1

The confidentialityEnsured attribute of the SecureNode classifier is derived from the confidentialityAlgorithm attribute and evaluates to true if a confidentiality-related security property is supported.

[OCL expression: figure a8, image not reproduced]

OCL Constraint 2

The integrityEnsured attribute of the SecureNode classifier is derived from the integrityAlgorithm attribute. It evaluates to true if an integrity-related security property is supported.

[OCL expression: figure a9, image not reproduced]

OCL Constraint 3

A secure object node must ensure confidentiality, integrity, or both.

[OCL expression: figure a10, image not reproduced]

OCL Constraint 4a

The successor object node of a secure object flow must also be a secure object node. (Footnote 7)

[OCL expression: figure a11, image not reproduced]

OCL Constraint 4b

The successor object node of a secure object flow must also be a secure object node. (Footnote 8)

[OCL expression: figure a12, image not reproduced]

OCL Constraint 5

The successor secure object nodes must support the same security properties as the corresponding source secure object node.

[OCL expression: figure a13, image not reproduced]

OCL Constraint 6a

All secure object nodes having the same target secure object node must support identical security properties. (Footnote 9)

[OCL expression: figure a14, image not reproduced]

OCL Constraint 6b

All secure object nodes having the same target secure object node must support identical security properties. (Footnote 10)

[OCL expression: figure a15, image not reproduced]

Appendix B: Constraints for the SecureObjectFlows::Services package

This section provides the complete list of OCL constraints for the UML extension specified in Sect. 5.

OCL Constraint 7

A SecureInterface must own an Activity instance as its owned behavior.

[OCL expression: figure a16, image not reproduced]

OCL Constraint 8

In strict mode all cross-interface object flows must be secured. (Footnote 11)

[OCL expression: figure a17, image not reproduced]

OCL Constraint 9

All Actions must be instances of CallOperationAction and each CallOperationAction’s operation enclosed by a given partition must correspond to an Operation owned by the Interface denoted by this partition.

[OCL expression: figure a18, image not reproduced]

OCL Constraint 10

Corresponding secure object nodes must reside in different partitions. (Footnote 12)

[OCL expression: figure a19, image not reproduced]
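The rules stated in prose as OCL Constraints 1-6 (Appendix A) and Constraints 8 and 10 (Appendix B) can be checked mechanically on an activity graph. The following Python checker is an added example and is not the paper's OCL, its metamodel, or its Eclipse tooling; the Node/Activity representation, the walk through control nodes used to realize allSuccessors()/allPredecessors(), the `strict` and `services` switches, and the two constructed models (a forked hospital record, and a buyer/seller process built to violate each rule) are assumptions made for illustration.

```python
# Added example, not the paper's OCL constraints or Eclipse tooling: a checker
# for the rules stated as OCL Constraints 1-6, 8 and 10. The graph model, the
# walk through control nodes and the strict/services switches are assumptions.
from dataclasses import dataclass
from typing import Dict, List, Optional, Set, Tuple


@dataclass(frozen=True)
class SecurityProps:
    confidentiality_algorithm: Optional[str] = None   # e.g. "AES"
    integrity_algorithm: Optional[str] = None         # e.g. "SHA-256"
    @property                    # Constraint 1: derived from the algorithm, not set by hand
    def confidentiality_ensured(self) -> bool:
        return self.confidentiality_algorithm is not None
    @property                    # Constraint 2
    def integrity_ensured(self) -> bool:
        return self.integrity_algorithm is not None


@dataclass
class Node:
    name: str
    partition: str               # ActivityPartition, one per Interface (Appendix B)
    control: bool = False        # fork/join/decision/merge instead of an ObjectNode
    security: Optional[SecurityProps] = None   # None: plain, unsecured object node


class Activity:
    def __init__(self, nodes: List[Node], flows: List[Tuple[str, str]]):
        self.nodes: Dict[str, Node] = {n.name: n for n in nodes}
        self.flows = flows       # (source, target) pairs

    def _reach(self, start: str, forward: bool) -> Set[str]:
        # Object nodes reached by walking flows through any number of control nodes and
        # stopping at the first object node (assumed allSuccessors()/allPredecessors() meaning).
        found, seen, stack = set(), {start}, [start]
        while stack:
            cur = stack.pop()
            for a, b in self.flows:
                nxt = b if (forward and a == cur) else a if (not forward and b == cur) else None
                if nxt is None or nxt in seen:
                    continue
                seen.add(nxt)
                if self.nodes[nxt].control:
                    stack.append(nxt)
                else:
                    found.add(nxt)
        return found

    def all_successors(self, name: str) -> Set[str]:
        return self._reach(name, True)
    def all_predecessors(self, name: str) -> Set[str]:
        return self._reach(name, False)


def check(act: Activity, strict: bool = False, services: bool = False) -> List[str]:
    """Return violation messages; an empty list means the model is well formed."""
    errs: List[str] = []
    objs = [n for n in act.nodes.values() if not n.control]
    for n in objs:
        if n.security is None:
            continue
        if not (n.security.confidentiality_ensured or n.security.integrity_ensured):
            errs.append(f"C3: {n.name} ensures neither confidentiality nor integrity")
        for t in (act.nodes[s] for s in act.all_successors(n.name)):
            if t.security is None:
                errs.append(f"C4: successor {t.name} of {n.name} is not a secure node")
            elif t.security != n.security:
                errs.append(f"C5: {t.name} does not carry the properties of {n.name}")
            if services and t.security is not None and t.partition == n.partition:
                errs.append(f"C10: {n.name} -> {t.name} stays inside partition {n.partition}")
    for t in objs:
        preds = [act.nodes[p] for p in act.all_predecessors(t.name)]
        if len({p.security for p in preds if p.security is not None}) > 1:
            errs.append(f"C6: secure predecessors of {t.name} disagree on properties")
        for p in preds:          # Constraint 8 is evaluated in strict mode only
            if strict and p.partition != t.partition and (p.security is None or t.security is None):
                errs.append(f"C8: cross-interface flow {p.name} -> {t.name} is unsecured")
    return errs


AES_SHA = SecurityProps("AES", "SHA-256")
SHA_ONLY = SecurityProps(integrity_algorithm="SHA-256")
# Constructed model: a patient record is forked to two partner services.
WELL_FORMED = Activity(
    [Node("record_out", "Hospital", security=AES_SHA), Node("fork", "Hospital", control=True),
     Node("record_in_lab", "Lab", security=AES_SHA), Node("record_in_ins", "Insurer", security=AES_SHA)],
    [("record_out", "fork"), ("fork", "record_in_lab"), ("fork", "record_in_ins")])

BROKEN = Activity(   # constructed model that trips every rule once (C5 twice)
    [Node("contract_out", "Buyer", security=SecurityProps("AES")),
     Node("contract_in", "Seller", security=SHA_ONLY),                # C5: properties changed
     Node("note_out", "Buyer"), Node("note_in", "Seller"),              # C8 (strict mode)
     Node("empty", "Buyer", security=SecurityProps()), Node("plain_in", "Buyer"),   # C3, then C4
     Node("a_out", "Buyer", security=AES_SHA), Node("b_out", "Buyer", security=SHA_ONLY),
     Node("join", "Seller", control=True), Node("ab_in", "Seller", security=AES_SHA),   # C5, C6
     Node("local_out", "Buyer", security=AES_SHA), Node("local_in", "Buyer", security=AES_SHA)],  # C10
    [("contract_out", "contract_in"), ("note_out", "note_in"), ("empty", "plain_in"),
     ("a_out", "join"), ("b_out", "join"), ("join", "ab_in"), ("local_out", "local_in")])
```

check(WELL_FORMED) returns an empty list in every mode, while check(BROKEN, strict=True, services=True) reports seven violations. Constraint 8 is only evaluated with strict=True and Constraint 10 only with services=True, mirroring that the first applies in strict mode and the second belongs to the Services package; the checker deliberately reports every violation rather than stopping at the first, since a modeler fixing a join (Constraint 6) usually needs to see the conflicting upstream nodes (Constraint 5) at the same time.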

OCL Constraint 11

All activity nodes must be assigned to, and contained by, exactly one activity partition.

[OCL expression: figure a20, image not reproduced]

OCL Constraint 12

Only InputPins, OutputPins, and ActivityParameterNodes can be secured. All secured InputPins must have an incoming object flow; all secured OutputPins must have an outgoing object flow. Secured ActivityParameterNodes must be connected to an incoming object flow, to an outgoing object flow, or to both, depending on the parameter direction.

[OCL expression: figure a21, image not reproduced]

OCL Constraint 13

All ActivityParameterNodes which are not initial or final nodes in a control and data flow but counterparts of intermediary InputPins and OutputPins must refer to a streaming Parameter. (Footnote 13)

[OCL expression: figure a22, image not reproduced]

OCL Constraint 14

All source object nodes of a set of InputPins owned by a CallOperationAction must be assigned to the same activity partition.

[OCL expression: figure a23, image not reproduced]

OCL Constraint 15

If provided for a Participant, the ServiceActivityNode must contain a corresponding and compatible SecureSendPin for each secured InputPin in a choreography activity; provided that a) there is a choreography activity in the first place, and that b) the CallOperationAction owning the InputPin and the ServiceInteractionAction owning the SecureSendPin share the Operation (required from the same Interface).

[OCL expression: figure a24, image not reproduced]

OCL Constraint 16

If provided for a Participant, the ServiceActivityNode must contain a corresponding and compatible SecureReceivePin for each secured OutputPin in a choreography activity; provided that a) there is a choreography activity in the first place, and that b) the CallOperationAction owning the OutputPin and the ServiceReceiveAction owning the SecureReceivePin share the Operation (required from the same Interface).

[OCL expression: figure a25, image not reproduced]

Cite this article

Hoisl, B., Sobernig, S. & Strembeck, M. Modeling and enforcing secure object flows in process-driven SOAs: an integrated model-driven approach. Softw Syst Model 13, 513–548 (2014). https://doi.org/10.1007/s10270-012-0263-y
