Skip to main content
SpringerLink
Log in

Domain-Specific Multi-modeling of Security Concerns in Service-Oriented Architectures

  • Conference paper
Web Services and Formal Methods (WS-FM 2011)

Part of the book series: Lecture Notes in Computer Science ((LNPSE,volume 7176))

Included in the following conference series:

  • 369 Accesses

Abstract

As a common reference for many in-development standards and execution frameworks, special attention is being paid to Service-Oriented Architectures. SOAs modeling, however, is an area in which a consensus has not being achieved. Currently, standardization organizations are defining proposals to offer a solution to this problem. Nevertheless, until very recently, non-functional aspects of services have not been considered for standardization processes. In particular, there exists a lack of a design solution that permits an independent development of the functional and non-functional concerns of SOAs, allowing that each concern be addressed in a convenient manner in early stages of the development, in a way that could guarantee the quality of this type of systems. This paper, leveraging on previous work, presents an approach to integrate security-related non-functional aspects (such as confidentiality, integrity, and access control) in the development of services.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 54.99
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 69.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. Apache. Apache CXF (2010)

    Google Scholar 

  2. Berre, A.: Service oriented architecture Modeling Language (SoaML)-Specification for the UML Profile and Metamodel for Services, UPMS (2008)

    Google Scholar 

  3. CDTI. ITECBAN

    Google Scholar 

  4. Dodd, J., Allen, P., Butler, J., Olding, S., Veryard, R., Wilkes, L.: CBDI-SAE Meta Model for SOA Version 2. Technical report, Everware-CBDI (2007)

    Google Scholar 

  5. Elrad, T., Aldawud, O., Bader, A.: Aspect-Oriented Modeling: Bridging the Gap between Implementation and Design. In: Batory, D., Consel, C., Taha, W. (eds.) GPCE 2002. LNCS, vol. 2487, pp. 189–201. Springer, Heidelberg (2002)

    Chapter  Google Scholar 

  6. Del Fabro, M.D., Bézivin, J., Jouault, F.: AMW: a generic model weaver. In: Proceedings of the Using Metamodels to Support MDD Workshop, 10th IEEE International Conference on Engineering of Complex Computer Systems, ICECCS 2005 (2005)

    Google Scholar 

  7. Finkelsetin, A., Kramer, J., Nuseibeh, B., Finkelstein, L., Goedicke, M.: Viewpoints: A framework for integrating multiple perspectives in system development. International Journal of Software Engineering and Knowledge Engineering 2 (1992)

    Google Scholar 

  8. Kelly, S., Tolvanen, J.-P.: Domain-specific modeling: enabling full code generation. Wiley-IEEE, Hoboken, New Jersey (2008)

    Google Scholar 

  9. Kim, A., Luo, J., Kang, M.: Security Ontology to Facilitate Web Service Description and Discovery. In: Spaccapietra, S., Atzeni, P., Fages, F., Hacid, M.-S., Kifer, M., Mylopoulos, J., Pernici, B., Shvaiko, P., Trujillo, J., Zaihrayeu, I. (eds.) Journal on Data Semantics IX. LNCS, vol. 4601, pp. 167–195. Springer, Heidelberg (2007)

    Chapter  Google Scholar 

  10. Larrucea, X., Alonso, R.: Modelling and Deploying Security Policies. In: WEBIST 2009 - Proceedings of the Fifth International Conference on Web Information Systems and Technologies, Lisboa, Portugal, pp. 411–414. INSTICC Press (2009)

    Google Scholar 

  11. Lodderstedt, T., Basin, D., Doser, J.: SecureUML: A UML-Based Modeling Language for Model-Driven Security. In: Jézéquel, J.-M., Hussmann, H., Cook, S. (eds.) UML 2002. LNCS, vol. 2460, pp. 426–441. Springer, Heidelberg (2002)

    Google Scholar 

  12. Jensen, M., Feja, S.: A Security Modeling Approach for Web-Service-Based Business Processes. In: 16th Annual IEEE International Conference and Workshop on the Engineering of Computer Based Systems, ECBS 2009, San Francisco, California, USA, pp. 340–347. IEEE Computer Society (2009)

    Google Scholar 

  13. Menzel, M., Meinel, C.: A Security Meta-model for Service-Oriented Architectures. In: 2009 IEEE International Conference on Services Computing, Bangalore, India, pp. 251–259. IEEE (September 2009)

    Google Scholar 

  14. Miller, J., Mukerji, J.: MDA Guide Version 1.0.1 (2003)

    Google Scholar 

  15. Mouelhi, T., Fleurey, F., Baudry, B., Le Traon, Y.: A Model-Based Framework for Security Policy Specification, Deployment and Testing. In: Czarnecki, K., Ober, I., Bruel, J.-M., Uhl, A., Völter, M. (eds.) MODELS 2008. LNCS, vol. 5301, pp. 537–552. Springer, Heidelberg (2008)

    Chapter  Google Scholar 

  16. Ortiz, G., Hernández, J.: Service-Oriented Model-Driven Development: Filling the Extra-Functional Property Gap. In: Dan, A., Lamersdorf, W. (eds.) ICSOC 2006. LNCS, vol. 4294, pp. 471–476. Springer, Heidelberg (2006)

    Chapter  Google Scholar 

  17. Rashid, A., Sawyer, P., Moreira, A., Araújo, J.: Early Aspects: A Model for Aspect-Oriented Requirements Engineering. In: IEEE International Conference on Requirements Engineering, p. 199 (2002)

    Google Scholar 

  18. Satoh, F., Nakamura, Y., Mukhi, N., Tatsubori, M., Ono, K.: Methodology and Tools for End-to-End SOA Security Configurations. In: 2008 IEEE Congress on Services, SERVICES I, Honolulu, Hawaii, USA, pp. 307–314. IEEE Computer Society (2008)

    Google Scholar 

  19. Gallino, J.P.S., de Miguel, M.A., Briones, J.F., Alonso, A.: Model-Driven Development of a Web Service-Oriented Architecture and Security Policies. In: 2010 13th IEEE International Symposium on Object/Component/Service-Oriented Real-Time Distributed Computing, Carmona, Spain, pp. 92–96. IEEE Computer Society, Los Alamitos (2010)

    Chapter  Google Scholar 

  20. SpringSource. Spring Framework (2010)

    Google Scholar 

  21. Sutton Jr., S.M.: N degrees of separation: multi-dimensional separation of concerns. In: International Conference on Software Engineering, pp. 107–119 (1999)

    Google Scholar 

  22. The Object Management Group (OMG). UML Profile for Modeling QoS and Fault Tolerance Characteristics and Mechanisms Version 1.1 (2008)

    Google Scholar 

  23. Web Services Interoperability Organization, http://www.ws-i.org

  24. WS-I. Sample Architecture Usage Scenarios (2003)

    Google Scholar 

  25. WS-I. Supply Chain Management Sample Architecture (2003)

    Google Scholar 

  26. WS-I. Sample Applications Security Architecture Document (2006)

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Universidad Politécnica de Madrid (UPM), Spain

    Juan Pedro Silva Gallino, Miguel de Miguel, Javier F. Briones & Alejandro Alonso

Authors
  1. Juan Pedro Silva Gallino
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Miguel de Miguel
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Javier F. Briones
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Alejandro Alonso
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. IT University of Copenhagen, Rued Langgaards Vej 7, 2300, Copenhagen, Denmark

    Marco Carbone

  2. Université de Lyon – CNRS INSA Lyon, LIRIS, 7 avenue Jean Capelle, 69621, Villeurbanne Cedex, France

    Jean-Marc Petit

Rights and permissions

Reprints and permissions

Copyright information

© 2012 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Silva Gallino, J.P., de Miguel, M., Briones, J.F., Alonso, A. (2012). Domain-Specific Multi-modeling of Security Concerns in Service-Oriented Architectures. In: Carbone, M., Petit, JM. (eds) Web Services and Formal Methods. WS-FM 2011. Lecture Notes in Computer Science, vol 7176. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-29834-9_10

Download citation

  • DOI: https://doi.org/10.1007/978-3-642-29834-9_10

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-642-29833-2

  • Online ISBN: 978-3-642-29834-9

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation