Hoisl, Bernhard, Sobernig, Stefan, Strembeck, Mark. 2014. Modeling and Enforcing Secure Object Flows in Process-driven SOAs: An Integrated Model-driven Approach. Software and Systems Modeling 13 (2): 513-548.
In this paper, we present an integrated model-driven approach for the specification and the enforcement of secure object flows in process-driven service-oriented architectures (SOA). In this context, a secure object flow ensures the confidentiality and the integrity of important objects (such as business contracts or electronic patient records) that are passed between different participants in SOA-based business processes. We specify a formal and generic metamodel for secure object flows that can be used to extend arbitrary process modeling languages. To demonstrate our approach, we present a UML extension for secure object flows. Moreover, we describe how platform-independent models are mapped to platform-specific software artifacts via automated model transformations. In addition, we give a detailed description of how we integrated our approach with the Eclipse modeling tools.
|Status of publication||Published|
|Type of publication||Journal article|
|Journal||Software & Systems Modeling (Springer)|
|Title||Modeling and Enforcing Secure Object Flows in Process-driven SOAs: An Integrated Model-driven Approach|
- Domain-Specific Languages for Model-Driven Security Engineering
- Hoisl, Bernhard (Former researcher)
- Sobernig, Stefan (Details)
- Strembeck, Mark (Details)
- Information Systems and New Media IN (Details)
- Research areas (ÖSTAT Classification 'Statistik Austria')
- 1108 Informatics (Details)
- 1140 Software engineering (Details)
- 1147 IT security (Details)
- 5367 Management information systems (Details)