表紙画像

Model-based Security Engineering of SOA System Using Security Intent DSL

Currently most of the enterprises are using SOA and web services technologies to build their web information system. They are using MDA principles for design and development of WIS and using UML as a modelling language for business process modelling. Along with the increased connectivity in SOA env...

詳細記述

保存先:
書誌詳細
主要な著者: Saleem, M. Q., Jaafar, J., Hassan, M.F.
フォーマット: Citation Index Journal
出版事項: The Society of Digital Information and Wireless Communications 2011
主題:
QA76 Computer software
オンライン・アクセス:http://eprints.utp.edu.my/6393/1/vol01_no02_55.pdf
http://www.sdiwc.net/ijncaa/index.php
http://eprints.utp.edu.my/6393/
タグ: タグ追加
タグなし, このレコードへの初めてのタグを付けませんか!
id my.utp.eprints.6393
record_format eprints
spelling my.utp.eprints.63932017-01-19T08:22:43Z Model-based Security Engineering of SOA System Using Security Intent DSL Saleem, M. Q. Jaafar, J. Hassan, M.F. QA76 Computer software Currently most of the enterprises are using SOA and web services technologies to build their web information system. They are using MDA principles for design and development of WIS and using UML as a modelling language for business process modelling. Along with the increased connectivity in SOA environment, security risks rise exponentially. Security is not defined during the early phases of development and left onto developer. Properly configuring security requirements in SOA applications is quite difficult for developers because they are not security experts. Furthermore SOA security is cross-domain and all required information are not available at downstream phases. Furthermore, business process expert; who is the actual stakeholder of the business process model is unable to specify security objectives due to lake of security modelling elements in a general purpose modelling languages like UML. As a result, business process expert either ignore the security intents in their model or indicate them in textual way. A security intents DSL is presented as a UML profile where security intents can be modelled as stereotypes on UML modelling elements during the business process modelling. Aim is to facilitate the business process expert in modelling the security requirements along the business process modelling. This security annotated business process model will facilitate the architectural team in specifying the concrete security implementation. As a proof of work we apply our approach to a typical on-line flight booking system business process. The Society of Digital Information and Wireless Communications 2011-06 Citation Index Journal PeerReviewed application/pdf http://eprints.utp.edu.my/6393/1/vol01_no02_55.pdf http://www.sdiwc.net/ijncaa/index.php Saleem, M. Q. and Jaafar, J. and Hassan, M.F. (2011) Model-based Security Engineering of SOA System Using Security Intent DSL. [Citation Index Journal] http://eprints.utp.edu.my/6393/
institution Universiti Teknologi Petronas
building UTP Resource Centre
collection Institutional Repository
continent Asia
country Malaysia
content_provider Universiti Teknologi Petronas
content_source UTP Institutional Repository
url_provider http://eprints.utp.edu.my/
topic QA76 Computer software
spellingShingle QA76 Computer software
Saleem, M. Q.
Jaafar, J.
Hassan, M.F.
Model-based Security Engineering of SOA System Using Security Intent DSL
description Currently most of the enterprises are using SOA and web services technologies to build their web information system. They are using MDA principles for design and development of WIS and using UML as a modelling language for business process modelling. Along with the increased connectivity in SOA environment, security risks rise exponentially. Security is not defined during the early phases of development and left onto developer. Properly configuring security requirements in SOA applications is quite difficult for developers because they are not security experts. Furthermore SOA security is cross-domain and all required information are not available at downstream phases. Furthermore, business process expert; who is the actual stakeholder of the business process model is unable to specify security objectives due to lake of security modelling elements in a general purpose modelling languages like UML. As a result, business process expert either ignore the security intents in their model or indicate them in textual way. A security intents DSL is presented as a UML profile where security intents can be modelled as stereotypes on UML modelling elements during the business process modelling. Aim is to facilitate the business process expert in modelling the security requirements along the business process modelling. This security annotated business process model will facilitate the architectural team in specifying the concrete security implementation. As a proof of work we apply our approach to a typical on-line flight booking system business process.
format Citation Index Journal
author Saleem, M. Q.
Jaafar, J.
Hassan, M.F.
author_facet Saleem, M. Q.
Jaafar, J.
Hassan, M.F.
author_sort Saleem, M. Q.
title Model-based Security Engineering of SOA System Using Security Intent DSL
title_short Model-based Security Engineering of SOA System Using Security Intent DSL
title_full Model-based Security Engineering of SOA System Using Security Intent DSL
title_fullStr Model-based Security Engineering of SOA System Using Security Intent DSL
title_full_unstemmed Model-based Security Engineering of SOA System Using Security Intent DSL
title_sort model-based security engineering of soa system using security intent dsl
publisher The Society of Digital Information and Wireless Communications
publishDate 2011
url http://eprints.utp.edu.my/6393/1/vol01_no02_55.pdf
http://www.sdiwc.net/ijncaa/index.php
http://eprints.utp.edu.my/6393/
_version_ 1738655485146431488
score 13.154949

類似資料