CIM to PIM Transformation: A Reality
Within the scope of MDA, the model transformation is orientated towards solving the problems of time, cost and quality associated with software creation. Moreover, business process modeling, through the use of industrial standards such as UML or BPMN, offers us a good opportunity to incorporate requirements at high levels of abstraction. We consider Secure Business Process models such as the Computation Independent Model (CIM). In this paper we show that it is possible to define CIM to PIM (Platform Independent Model) transformations, using QVT rules. Through our rules, we obtain certain UML analysis-level classes and use cases which will be part of the PIM of an information system. We illustrate our approach with a case study concerned with payment for the consumption of electrical energy.
KeywordsBusiness process MDA Requirement specifications Security
- 1.J. Bézivin, In Search of a Basic Principle for Model Driven Engineering, UPGRADE, European Journal for the Informatics Professional. Volume 5, Number 2, pp.21–24, (2004).Google Scholar
- 2.Object Management Group, MDA Guide Version 1.0.1. http://www.omg.org/docs/omg/03-06-01.pdf. (Accessed 2003).
- 3.QVT, Meta Object Facility (MOF) 2.0 Query/View/Transformation Specification, OMG Adopted Specification ptc/05-11-01 (2005), p.204.Google Scholar
- 4.WfMC, Workflow Management Coalition: Terminology & Glossary (1999), p.65.Google Scholar
- 5.A. Rodríguez, E. Fernández-Medina, and M. Piattini, Towards a UML 2.0 Extension for the Modeling of Security Requirements in Business Processes, in Proc. of 3rd International Conference on Trust, Privacy and Security in Digital Business (TrustBus). Volume 4083 (Krakow, Poland, 2006), pp.51–61.Google Scholar
- 7.Object Management Group, Unified Modeling Language: Superstructure Version 2.1.1 (formal/2007-02-05). http://www.omg.org/docs/formal/07-02-05.pdf (Accessed 2007).
- 8.BPMN, Business Process Modeling Notation Specification, OMG Final Adopted Specification, dtc/06-02-01. http://www.bpmn.org/Documents/OMG%20Final%20Adopted%20BPMN%201-0%20Spec%2006-02-01.pdf (Accessed 2006).
- 10.G. Herrmann and G. Pernul, Viewing Business Process Security from Different Perspectives, in Proc. of 11th International Bled Electronic Commerce Conference (Slovenia, 1998), pp.89–103.Google Scholar
- 12.A. Maña, J. A. Montenegro, C. Rudolph and J. L. Vivas, A business process-driven approach to security engineering, in 14th. International Workshop on Database and Expert Systems Applications (DEXA) (Prague, Czech Republic, 2003), pp.477–481.Google Scholar
- 13.A. W. Röhm, G. Pernul and G. Herrmann, Modelling Secure and Fair Electronic Commerce, in Proc. of 14th. Annual Computer Security Applications Conference (Scottsdale, Arizona, 1998), pp.155–164.Google Scholar
- 14.D. Firesmith, Specifying Reusable Security Requirements, Journal of Object Technology. Volume 3, Number 1, pp.61–75, (2004).Google Scholar
- 16.I. Jacobson, G. Booch and J. Rumbaugh, The Unified Software Development Process (1999), pp.463-.Google Scholar
- 17.A. Rodríguez, E. Fernández-Medina and M. Piattini, M-BPSec: A Method for Security Requirement Elicitation from a UML 2.0 Business Process Specification, in 3rd International Workshop on Foundations and Practices of UML (Auckland, New Zealand, 2007).Google Scholar
- 18.A. Rodríguez, E. Fernández-Medina and M. Piattini, Analysis-Level Classes from Secure Business Processes through Models Transformations, in Proc. of 4th International Conference on Trust, Privacy and Security in Digital Business (TrustBus) (Regensburg, Germany, 2007).Google Scholar
- 19.A. Rodríguez and I. García-Rodríguez de Guzmán, Obtaining Use Cases and Security Use Cases from Secure Business Process through the MDA Approach, in Workshop on Security in Information Systems (WOSIS) (Funchal, Madeira-Portugal, 2007).Google Scholar