Integrity and Confidentiality Annotations for Service Interfaces in SoaML Models

Bernhard Hoisl; Stefan Sobernig

Integrity and Confidentiality Annotations for Service Interfaces in SoaML Models

Institute for Complex Networks

Publication: Chapter in book/Conference proceeding › Contribution to conference proceedings

Abstract

This paper presents an approach for incorporating data integrity and data confidentiality into the model-driven development (MDD) of process-driven service-oriented architectures (SOAs) based on the OMG SoaML. Specifications for service interfaces are extended by UML activities to model invocation protocols. An invocation protocol makes the control and the object flows between service invocations explicit. Integrity and confidentiality attributes are used to annotate the object flows. The annotations serve for generating security-aware execution artefacts (e.g., interface description documents, deployment descriptors, and middleware configurations). We applied the approach prototypically in a Web Services platform environment (WS-BPEL, WSDL, WS-SecurityPolicy).

Original language	English
Title of host publication	Proceedings of the International Workshop on Security Aspects of Process-aware Information Systems (SAPAIS)
Editors	N.N.
Place of Publication	Washington, D.C.
Publisher	IEEE Computer Society Press
Pages	673 - 679
Publication status	Published - 2011

Austrian Classification of Fields of Science and Technology (ÖFOS)

102022 Software development
502050 Business informatics
102

Check availability

University Library Catalogue

Domain-Specific Languages for Model-Driven Security Engineering
Hoisl, B. (PI - Project head)
1/12/11 → 30/11/13
Project: Other

Cite this

@inproceedings{e31551e68e584bf7a0959a00cbcbfd1b,

title = "Integrity and Confidentiality Annotations for Service Interfaces in SoaML Models",

abstract = "This paper presents an approach for incorporating data integrity and data confidentiality into the model-driven development (MDD) of process-driven service-oriented architectures (SOAs) based on the OMG SoaML. Specifications for service interfaces are extended by UML activities to model invocation protocols. An invocation protocol makes the control and the object flows between service invocations explicit. Integrity and confidentiality attributes are used to annotate the object flows. The annotations serve for generating security-aware execution artefacts (e.g., interface description documents, deployment descriptors, and middleware configurations). We applied the approach prototypically in a Web Services platform environment (WS-BPEL, WSDL, WS-SecurityPolicy).",

author = "Bernhard Hoisl and Stefan Sobernig",

year = "2011",

language = "English",

pages = "673 -- 679",

editor = "N.N.",

booktitle = "Proceedings of the International Workshop on Security Aspects of Process-aware Information Systems (SAPAIS)",

publisher = "IEEE Computer Society Press",

}

Integrity and Confidentiality Annotations for Service Interfaces in SoaML Models. / Hoisl, Bernhard; Sobernig, Stefan.
Proceedings of the International Workshop on Security Aspects of Process-aware Information Systems (SAPAIS). ed. / N.N. Washington, D.C.: IEEE Computer Society Press, 2011. p. 673 - 679.

Publication: Chapter in book/Conference proceeding › Contribution to conference proceedings

TY - GEN

T1 - Integrity and Confidentiality Annotations for Service Interfaces in SoaML Models

AU - Hoisl, Bernhard

AU - Sobernig, Stefan

PY - 2011

Y1 - 2011

N2 - This paper presents an approach for incorporating data integrity and data confidentiality into the model-driven development (MDD) of process-driven service-oriented architectures (SOAs) based on the OMG SoaML. Specifications for service interfaces are extended by UML activities to model invocation protocols. An invocation protocol makes the control and the object flows between service invocations explicit. Integrity and confidentiality attributes are used to annotate the object flows. The annotations serve for generating security-aware execution artefacts (e.g., interface description documents, deployment descriptors, and middleware configurations). We applied the approach prototypically in a Web Services platform environment (WS-BPEL, WSDL, WS-SecurityPolicy).

AB - This paper presents an approach for incorporating data integrity and data confidentiality into the model-driven development (MDD) of process-driven service-oriented architectures (SOAs) based on the OMG SoaML. Specifications for service interfaces are extended by UML activities to model invocation protocols. An invocation protocol makes the control and the object flows between service invocations explicit. Integrity and confidentiality attributes are used to annotate the object flows. The annotations serve for generating security-aware execution artefacts (e.g., interface description documents, deployment descriptors, and middleware configurations). We applied the approach prototypically in a Web Services platform environment (WS-BPEL, WSDL, WS-SecurityPolicy).

M3 - Contribution to conference proceedings

SP - 673

EP - 679

BT - Proceedings of the International Workshop on Security Aspects of Process-aware Information Systems (SAPAIS)

A2 - N.N., null

PB - IEEE Computer Society Press

CY - Washington, D.C.

ER -

Integrity and Confidentiality Annotations for Service Interfaces in SoaML Models

Abstract

Austrian Classification of Fields of Science and Technology (ÖFOS)

Check availability

Projects

Domain-Specific Languages for Model-Driven Security Engineering

Cite this