Abstract
As a common reference for many in-development standards and execution frameworks, special attention is being paid to Service-Oriented Architectures. SOAs modeling, however, is an area in which a consensus has not being achieved. Currently, standardization organizations are defining proposals to offer a solution to this problem. Nevertheless, until very recently, non-functional aspects of services have not been considered for standardization processes. In particular, there exists a lack of a design solution that permits an independent development of the functional and non-functional concerns of SOAs, allowing that each concern be addressed in a convenient manner in early stages of the development, in a way that could guarantee the quality of this type of systems. This paper, leveraging on previous work, presents an approach to integrate security-related non-functional aspects (such as confidentiality, integrity, and access control) in the development of services.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
Apache. Apache CXF (2010)
Berre, A.: Service oriented architecture Modeling Language (SoaML)-Specification for the UML Profile and Metamodel for Services, UPMS (2008)
CDTI. ITECBAN
Dodd, J., Allen, P., Butler, J., Olding, S., Veryard, R., Wilkes, L.: CBDI-SAE Meta Model for SOA Version 2. Technical report, Everware-CBDI (2007)
Elrad, T., Aldawud, O., Bader, A.: Aspect-Oriented Modeling: Bridging the Gap between Implementation and Design. In: Batory, D., Consel, C., Taha, W. (eds.) GPCE 2002. LNCS, vol. 2487, pp. 189–201. Springer, Heidelberg (2002)
Del Fabro, M.D., Bézivin, J., Jouault, F.: AMW: a generic model weaver. In: Proceedings of the Using Metamodels to Support MDD Workshop, 10th IEEE International Conference on Engineering of Complex Computer Systems, ICECCS 2005 (2005)
Finkelsetin, A., Kramer, J., Nuseibeh, B., Finkelstein, L., Goedicke, M.: Viewpoints: A framework for integrating multiple perspectives in system development. International Journal of Software Engineering and Knowledge Engineering 2 (1992)
Kelly, S., Tolvanen, J.-P.: Domain-specific modeling: enabling full code generation. Wiley-IEEE, Hoboken, New Jersey (2008)
Kim, A., Luo, J., Kang, M.: Security Ontology to Facilitate Web Service Description and Discovery. In: Spaccapietra, S., Atzeni, P., Fages, F., Hacid, M.-S., Kifer, M., Mylopoulos, J., Pernici, B., Shvaiko, P., Trujillo, J., Zaihrayeu, I. (eds.) Journal on Data Semantics IX. LNCS, vol. 4601, pp. 167–195. Springer, Heidelberg (2007)
Larrucea, X., Alonso, R.: Modelling and Deploying Security Policies. In: WEBIST 2009 - Proceedings of the Fifth International Conference on Web Information Systems and Technologies, Lisboa, Portugal, pp. 411–414. INSTICC Press (2009)
Lodderstedt, T., Basin, D., Doser, J.: SecureUML: A UML-Based Modeling Language for Model-Driven Security. In: Jézéquel, J.-M., Hussmann, H., Cook, S. (eds.) UML 2002. LNCS, vol. 2460, pp. 426–441. Springer, Heidelberg (2002)
Jensen, M., Feja, S.: A Security Modeling Approach for Web-Service-Based Business Processes. In: 16th Annual IEEE International Conference and Workshop on the Engineering of Computer Based Systems, ECBS 2009, San Francisco, California, USA, pp. 340–347. IEEE Computer Society (2009)
Menzel, M., Meinel, C.: A Security Meta-model for Service-Oriented Architectures. In: 2009 IEEE International Conference on Services Computing, Bangalore, India, pp. 251–259. IEEE (September 2009)
Miller, J., Mukerji, J.: MDA Guide Version 1.0.1 (2003)
Mouelhi, T., Fleurey, F., Baudry, B., Le Traon, Y.: A Model-Based Framework for Security Policy Specification, Deployment and Testing. In: Czarnecki, K., Ober, I., Bruel, J.-M., Uhl, A., Völter, M. (eds.) MODELS 2008. LNCS, vol. 5301, pp. 537–552. Springer, Heidelberg (2008)
Ortiz, G., Hernández, J.: Service-Oriented Model-Driven Development: Filling the Extra-Functional Property Gap. In: Dan, A., Lamersdorf, W. (eds.) ICSOC 2006. LNCS, vol. 4294, pp. 471–476. Springer, Heidelberg (2006)
Rashid, A., Sawyer, P., Moreira, A., Araújo, J.: Early Aspects: A Model for Aspect-Oriented Requirements Engineering. In: IEEE International Conference on Requirements Engineering, p. 199 (2002)
Satoh, F., Nakamura, Y., Mukhi, N., Tatsubori, M., Ono, K.: Methodology and Tools for End-to-End SOA Security Configurations. In: 2008 IEEE Congress on Services, SERVICES I, Honolulu, Hawaii, USA, pp. 307–314. IEEE Computer Society (2008)
Gallino, J.P.S., de Miguel, M.A., Briones, J.F., Alonso, A.: Model-Driven Development of a Web Service-Oriented Architecture and Security Policies. In: 2010 13th IEEE International Symposium on Object/Component/Service-Oriented Real-Time Distributed Computing, Carmona, Spain, pp. 92–96. IEEE Computer Society, Los Alamitos (2010)
SpringSource. Spring Framework (2010)
Sutton Jr., S.M.: N degrees of separation: multi-dimensional separation of concerns. In: International Conference on Software Engineering, pp. 107–119 (1999)
The Object Management Group (OMG). UML Profile for Modeling QoS and Fault Tolerance Characteristics and Mechanisms Version 1.1 (2008)
Web Services Interoperability Organization, http://www.ws-i.org
WS-I. Sample Architecture Usage Scenarios (2003)
WS-I. Supply Chain Management Sample Architecture (2003)
WS-I. Sample Applications Security Architecture Document (2006)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2012 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Silva Gallino, J.P., de Miguel, M., Briones, J.F., Alonso, A. (2012). Domain-Specific Multi-modeling of Security Concerns in Service-Oriented Architectures. In: Carbone, M., Petit, JM. (eds) Web Services and Formal Methods. WS-FM 2011. Lecture Notes in Computer Science, vol 7176. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-29834-9_10
Download citation
DOI: https://doi.org/10.1007/978-3-642-29834-9_10
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-29833-2
Online ISBN: 978-3-642-29834-9
eBook Packages: Computer ScienceComputer Science (R0)