Cover Image

Security modeling of SOA system using security intent DSL

Currently most of the enterprises are using SOA and Web Services technologies to build their web information system. MDA principles are used to develop web service and they used UML as a modelling language for business process modelling. Along with the increased connectivity in SOA environment, secu...

Full description

Saved in:
Bibliographic Details
Main Authors: Saleem, M. Q., Jaafar, J., Hassan, M.F.
Format: Article
Published: Springer 2011
Subjects:
QA76 Computer software
Online Access:http://eprints.utp.edu.my/6487/1/paper1.pdf
http://www.springerlink.com/content/k3211g2g36965124/
http://eprints.utp.edu.my/6487/
Tags: Add Tag
No Tags, Be the first to tag this record!
id my.utp.eprints.6487
record_format eprints
spelling my.utp.eprints.64872017-01-19T08:23:25Z Security modeling of SOA system using security intent DSL Saleem, M. Q. Jaafar, J. Hassan, M.F. QA76 Computer software Currently most of the enterprises are using SOA and Web Services technologies to build their web information system. MDA principles are used to develop web service and they used UML as a modelling language for business process modelling. Along with the increased connectivity in SOA environment, security risks rise exponentially. Security is not defined during the early phases of development and left onto developer. Properly configuring security requirements in SOA applications is quite difficult for developers because they are not security experts. Furthermore SOA security is cross-domain and all required information are not available at downstream phases. General purpose modelling language like UML lacks the model elements to define the security requirements of the business processes. As a result, business process expert either ignore the security intents in their model or indicate them in textual way. A security intents DSL is presented as a UML profile where security intents can be modelled as stereotypes on UML modelling elements during the business process modelling. Aim is to facilitate the business process expert in modelling the security requirements along the business process modelling. This security annotated business process model will facilitate the security expert in specifying the concrete security implementation. As a proof of work we apply our approach to a typical on-line flight booking system business process. © 2011 Springer-Verlag. Springer 2011 Article PeerReviewed application/pdf http://eprints.utp.edu.my/6487/1/paper1.pdf http://www.springerlink.com/content/k3211g2g36965124/ Saleem, M. Q. and Jaafar, J. and Hassan, M.F. (2011) Security modeling of SOA system using security intent DSL. Communications in Computer and Information Science, 181 CC (PART 3). pp. 176-190. ISSN 18650929 http://eprints.utp.edu.my/6487/
institution Universiti Teknologi Petronas
building UTP Resource Centre
collection Institutional Repository
continent Asia
country Malaysia
content_provider Universiti Teknologi Petronas
content_source UTP Institutional Repository
url_provider http://eprints.utp.edu.my/
topic QA76 Computer software
spellingShingle QA76 Computer software
Saleem, M. Q.
Jaafar, J.
Hassan, M.F.
Security modeling of SOA system using security intent DSL
description Currently most of the enterprises are using SOA and Web Services technologies to build their web information system. MDA principles are used to develop web service and they used UML as a modelling language for business process modelling. Along with the increased connectivity in SOA environment, security risks rise exponentially. Security is not defined during the early phases of development and left onto developer. Properly configuring security requirements in SOA applications is quite difficult for developers because they are not security experts. Furthermore SOA security is cross-domain and all required information are not available at downstream phases. General purpose modelling language like UML lacks the model elements to define the security requirements of the business processes. As a result, business process expert either ignore the security intents in their model or indicate them in textual way. A security intents DSL is presented as a UML profile where security intents can be modelled as stereotypes on UML modelling elements during the business process modelling. Aim is to facilitate the business process expert in modelling the security requirements along the business process modelling. This security annotated business process model will facilitate the security expert in specifying the concrete security implementation. As a proof of work we apply our approach to a typical on-line flight booking system business process. © 2011 Springer-Verlag.
format Article
author Saleem, M. Q.
Jaafar, J.
Hassan, M.F.
author_facet Saleem, M. Q.
Jaafar, J.
Hassan, M.F.
author_sort Saleem, M. Q.
title Security modeling of SOA system using security intent DSL
title_short Security modeling of SOA system using security intent DSL
title_full Security modeling of SOA system using security intent DSL
title_fullStr Security modeling of SOA system using security intent DSL
title_full_unstemmed Security modeling of SOA system using security intent DSL
title_sort security modeling of soa system using security intent dsl
publisher Springer
publishDate 2011
url http://eprints.utp.edu.my/6487/1/paper1.pdf
http://www.springerlink.com/content/k3211g2g36965124/
http://eprints.utp.edu.my/6487/
_version_ 1738655491727294464
score 13.154949

Similar Items