Hoisl, Bernhard, Sobernig, Stefan, Strembeck, Mark. 2014. Modeling and Enforcing Secure Object Flows in Process-driven SOAs: An Integrated Model-driven Approach. Software and Systems Modeling 13 (2): 513-548.

BibTeX

@ARTICLE{Hoisl2014,
title = {Modeling and Enforcing Secure Object Flows in Process-driven SOAs: An Integrated Model-driven Approach},
author = {Bernhard Hoisl and Stefan Sobernig and Mark Strembeck},
year = {2014},
url = {http://dx.doi.org/10.1007/s10270-012-0263-y},
volume = {13},
number = {2},
language = {EN},
pages = {513-548},
series = {Modeling and enforcing secure object flows in process-driven SOAs: an integrated model-driven approach},
journal = {Software & Systems Modeling (Springer)},
abstract = {In this paper, we present an integrated model-driven approach for the specification and the enforcement of secure object flows in process-driven service-oriented architectures (SOA). In this context, a secure object flow ensures the confidentiality and the integrity of important objects (such as business contracts or electronic patient records) that are passed between different participants in SOA-based business processes. We specify a formal and generic metamodel for secure object flows that can be used to extend arbitrary process modeling languages. To demonstrate our approach, we present a UML extension for secure object flows. Moreover, we describe how platform-independent models are mapped to platform-specific software artifacts via automated model transformations. In addition, we give a detailed description of how we integrated our approach with the Eclipse modeling tools.},
}

Abstract

In this paper, we present an integrated model-driven approach for the specification and the enforcement of secure object flows in process-driven service-oriented architectures (SOA). In this context, a secure object flow ensures the confidentiality and the integrity of important objects (such as business contracts or electronic patient records) that are passed between different participants in SOA-based business processes. We specify a formal and generic metamodel for secure object flows that can be used to extend arbitrary process modeling languages. To demonstrate our approach, we present a UML extension for secure object flows. Moreover, we describe how platform-independent models are mapped to platform-specific software artifacts via automated model transformations. In addition, we give a detailed description of how we integrated our approach with the Eclipse modeling tools.

Publication's profile

Status of publication Published
Affiliation WU
Type of publication Journal article
Journal Software & Systems Modeling (Springer)
Citation Index SCI
Language English
Title Modeling and Enforcing Secure Object Flows in Process-driven SOAs: An Integrated Model-driven Approach
Volume 13
Number 2
Year 2014
Page from 513
Page to 548
URL http://dx.doi.org/10.1007/s10270-012-0263-y

Associations

Projects
Domain-Specific Languages for Model-Driven Security Engineering
People
Hoisl, Bernhard (Former researcher)
Sobernig, Stefan (Details)
Strembeck, Mark (Details)
Organization
Information Systems and New Media IN (Details)
Research areas (Ă–STAT Classification 'Statistik Austria')
1108 Informatics (Details)
1140 Software engineering (Details)
1147 IT security (Details)
5367 Management information systems (Details)
Google Scholar: Search