Pattern-Based Context Establishment for Service-Oriented Architectures

  • Kristian Beckers
  • Stephan Faßbender
  • Maritta Heisel
  • Rene Meis
Part of the Lecture Notes in Computer Science book series (LNCS, volume 7365)


A context description of a software system and its environment is essential for any given software engineering process. Requirements define statements about the environment (according to Jackson’s terminology). The context description of a Service-Oriented Architecture is difficult to provide, because of the variety of technical systems and stakeholders involved. We present two patterns for SOA systems and support their instantiation with a structured method. In addition, we show how the pattern can be used in a secure service development life-cycle.


SOA requirements engineering secure software development 


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. 1.
    Arsanjani, A., Ghosh, S., Allam, A., Abdollah, T., Gariapathy, S., Holley, K.: SOMA: a method for developing service-oriented solutions. IBM Systems Journal 47(3), 377–396 (2008)CrossRefGoogle Scholar
  2. 2.
    Arsanjani, A., Zhang, L.-J., Ellis, M., Allam, A., Channabasavaiah, K.: Design an SOA solution using a reference architecture. Technical report, IBM (2007),
  3. 3.
    Beckers, K., Faßbender, S., Küster, J.-C., Schmidt, H.: A Pattern-Based Method for Identifying and Analyzing Laws. In: Regnell, B., Damian, D. (eds.) REFSQ 2012. LNCS, vol. 7195, pp. 256–262. Springer, Heidelberg (2012)CrossRefGoogle Scholar
  4. 4.
    Darimont, R., Delor, E., Massonet, P., van Lamsweerde, A.: GRAIL/KAOS: an environment for goal-driven requirements engineering. In: Proceedings of the 19th International Conference on Software Engineering (ICSE), pp. 612–613. ACM, New York (1997)Google Scholar
  5. 5.
    Dijkman, R.M., Dumas, M.: Service-oriented design: A multi-viewpoint approach. International Journal on Cooperative Information Systems 13(4), 337–368 (2004)CrossRefGoogle Scholar
  6. 6.
    Gregoire, J., Buyens, K., De Win, B., Scandariato, R., Joosen, W.: On the secure software development process: CLASP and SDL compared. In: Proceedings of the Third International Workshop on Software Engineering for Secure Systems, SESS 2007, pp. 1–7. IEEE Computer Society, Washington, DC (2007)Google Scholar
  7. 7.
    Gürses, S., Berendt, B., Santen, T.: Multilateral Security Requirements Analysis for Preserving Privacy in Ubiquitous Environments. In: Proceedings of the Workshop on Ubiquitous Knowledge Discovery for Users, pp. 51–64 (2006),
  8. 8.
    Howard, M., Lipner, S.: The Security Development Lifecycle: SDL: A Process for Developing Demonstrably More Secure Software. Microsoft Press (2006)Google Scholar
  9. 9.
    Jackson, M.: Problem Frames. In: Analyzing and Structuring Software Development Problems. Addison-Wesley (2001)Google Scholar
  10. 10.
    Microsoft. Microsoft Security Development Lifecycle Simplified Implementation of the Microsoft SDL. SDL 1-2, Microsoft (2010),
  11. 11.
    Mouratidis, H., Giorgini, P.: Secure tropos: a security-oriented extension of the tropos methodology. International Journal of Software Engineering and Knowledge Engineering 17(2), 285–309 (2007)CrossRefGoogle Scholar
  12. 12.
    Object Management Group, Needham, MA, USA. Service oriented architecture modeling language 1.0 - Beta 2 (December 2009),
  13. 13.
    OWASP. CLASP (Comprehensive, Lightweight Application Security Process). Technical report, The Open Web Application Security Project, OWASP (2011)Google Scholar
  14. 14.
    Papazoglou, M.P., Traverso, P., Dustdar, S., Leymann, F.: Service-oriented computing: a research roadmap. Int. J. Cooperative Inf. Syst. 17(2), 223–255 (2008)CrossRefGoogle Scholar
  15. 15.
    Perepletchikov, M., Ryan, C., Frampton, K., Schmidt, H.W.: Formalising service-oriented design. Journal of Software 3(2), 1–14 (2008)CrossRefGoogle Scholar
  16. 16.
    Rodríguez, A., Fernández-Medina, E., Piattini, M.: A BPMN extension for the modeling of security requirements in business processes. The Institute of Electronics, Information and Communication Engineers (IEICE) Transactions 90-D(4), 745–752 (2007)Google Scholar
  17. 17.
    Schmidt, H., Hatebur, D., Heisel, M.: A pattern- and component-based method to develop secure software. In: Mouratidis, H. (ed.) Software Engineering for Secure Systems: Academic and Industrial Perspectives, ch.3, pp. 32–74. IGI Global (2011)Google Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2012

Authors and Affiliations

  • Kristian Beckers
    • 1
  • Stephan Faßbender
    • 1
  • Maritta Heisel
    • 1
  • Rene Meis
    • 1
  1. 1.paluno - The Ruhr Institute for Software TechnologyUniversity of Duisburg-EssenGermany

Personalised recommendations