Software & Systems Modeling, Volume 13, Issue 2, pp 513–548

Modeling and enforcing secure object flows in process-driven SOAs: an integrated model-driven approach

Theme Section Paper

Abstract

In this paper, we present an integrated model-driven approach for the specification and the enforcement of secure object flows in process-driven service-oriented architectures (SOA). In this context, a secure object flow ensures the confidentiality and the integrity of important objects (such as business contracts or electronic patient records) that are passed between different participants in SOA-based business processes. We specify a formal and generic metamodel for secure object flows that can be used to extend arbitrary process modeling languages. To demonstrate our approach, we present a UML extension for secure object flows. Moreover, we describe how platform-independent models are mapped to platform-specific software artifacts via automated model transformations. In addition, we give a detailed description of how we integrated our approach with the Eclipse modeling tools.
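The abstract describes the pipeline in the abstract only: a platform-independent model in which object flows between participants are annotated with confidentiality and integrity requirements, well-formedness rules over that model, and an automated transformation to platform-specific enforcement artifacts. The following Python is an added illustration of that pipeline and is not the paper's code or metamodel. It assumes a deliberately reduced metamodel (an object node with an owning participant and a sensitivity flag, an object flow with an optional secure-object-flow stereotype), two assumed OCL-style rules R1 and R2, and WS-SecurityPolicy `sp:SignedParts` / `sp:EncryptedParts` assertions as one possible platform-specific target; the sample process (a patient record passed from a clinic to an insurer) is constructed for the example.

```python
"""Added example: a miniature model-driven pipeline for secure object flows.

Platform-independent model (PIM): object nodes owned by participants and the
object flows between them, some stereotyped as *secure*. Two steps follow:
  1. validate() checks assumed well-formedness rules over the PIM;
  2. transform() maps each secure cross-participant flow to a
     WS-SecurityPolicy fragment (one assumed platform-specific target).
The metamodel, the rules and the mapping are simplifications assumed for
this example; they are not the paper's own definitions.
"""
from dataclasses import dataclass
import xml.etree.ElementTree as ET

WSP = "http://www.w3.org/ns/ws-policy"                             # WS-Policy 1.5
SP = "http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702"  # WS-SecurityPolicy 1.2/1.3


@dataclass(frozen=True)
class ObjectNode:
    name: str
    participant: str   # activity partition / SOA participant that holds the object
    sensitive: bool    # assumed classification attribute of the object type


@dataclass(frozen=True)
class ObjectFlow:
    source: ObjectNode
    target: ObjectNode
    secure: bool = False           # stereotyped as a secure object flow?
    confidentiality: bool = False
    integrity: bool = False

    @property
    def crosses_participants(self) -> bool:
        return self.source.participant != self.target.participant


def validate(flows):
    """Return the list of rule violations (empty list == model is well-formed).

    Assumed rules, in the spirit of OCL constraints on the metamodel:
      R1 a secure object flow must demand confidentiality, integrity or both;
      R2 a flow that moves a sensitive object between two participants must be
         a secure object flow (otherwise the object leaves its owner unprotected).
    """
    violations = []
    for f in flows:
        label = (f"{f.source.name}@{f.source.participant} -> "
                 f"{f.target.name}@{f.target.participant}")
        if f.secure and not (f.confidentiality or f.integrity):
            violations.append(f"R1: secure flow without a security property: {label}")
        if f.source.sensitive and f.crosses_participants and not f.secure:
            violations.append(f"R2: sensitive object crosses participants unprotected: {label}")
    return violations


def to_ws_securitypolicy(flow):
    """Map one secure object flow to a wsp:Policy element.

    integrity       -> sp:SignedParts/sp:Body   (message body must be signed)
    confidentiality -> sp:EncryptedParts/sp:Body (message body must be encrypted)
    """
    policy = ET.Element(f"{{{WSP}}}Policy", {"Name": f"{flow.source.name}Policy"})
    if flow.integrity:
        ET.SubElement(ET.SubElement(policy, f"{{{SP}}}SignedParts"), f"{{{SP}}}Body")
    if flow.confidentiality:
        ET.SubElement(ET.SubElement(policy, f"{{{SP}}}EncryptedParts"), f"{{{SP}}}Body")
    return policy


def transform(flows):
    """PIM -> PSM. Refuses ill-formed models; returns {"Src->Dst": policy xml}."""
    violations = validate(flows)
    if violations:
        raise ValueError("model is not well-formed:\n" + "\n".join(violations))
    ET.register_namespace("wsp", WSP)
    ET.register_namespace("sp", SP)
    return {
        f"{f.source.participant}->{f.target.participant}":
            ET.tostring(to_ws_securitypolicy(f), encoding="unicode")
        for f in flows if f.secure and f.crosses_participants
    }


# --- constructed sample model: a patient record moves from a clinic to an insurer ---
RECORD_AT_CLINIC = ObjectNode("PatientRecord", "Clinic", sensitive=True)
RECORD_AT_INSURER = ObjectNode("PatientRecord", "Insurer", sensitive=True)
INVOICE_AT_INSURER = ObjectNode("Invoice", "Insurer", sensitive=False)
INVOICE_AT_BANK = ObjectNode("Invoice", "Bank", sensitive=False)

GOOD_MODEL = [
    ObjectFlow(RECORD_AT_CLINIC, RECORD_AT_INSURER, secure=True, confidentiality=True, integrity=True),
    ObjectFlow(INVOICE_AT_INSURER, INVOICE_AT_BANK, secure=True, integrity=True),
]
# Same process, but the record is passed as a plain object flow: rule R2 must fire.
BAD_MODEL = [ObjectFlow(RECORD_AT_CLINIC, RECORD_AT_INSURER)]

if __name__ == "__main__":
    for label, xml in transform(GOOD_MODEL).items():
        print(label, xml, sep="\n")
    print(validate(BAD_MODEL))
```

The point a practitioner should take from the split is that the security requirement lives on the model element (the flow), not in the generated policy: the validation runs before transformation, so a sensitive object that leaves its participant over an unannotated flow is rejected at modeling time rather than silently deployed without a policy.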

Keywords

Process modeling; Secure object flows; Security engineering; Service-oriented architecture; Model-driven development; UML; SoaML; Web services

Copyright information

© Springer-Verlag 2012

Authors and Affiliations

  1. New Media Lab, Institute for Information Systems, Vienna University of Economics and Business (WU Vienna), Vienna, Austria
  2. Secure Business Austria Research (SBA Research), Vienna, Austria
