DocumentCode
1833984
Title
Integrity and Confidentiality Annotations for Service Interfaces in SoaML Models
Author
Hoisl, Bernhard ; Sobernig, Stefan
Author_Institution
Secure Bus. Austria Res. Center, Vienna, Austria
fYear
2011
fDate
22-26 Aug. 2011
Firstpage
673
Lastpage
679
Abstract
This paper presents an approach for incorporating data integrity and data confidentiality into the model-driven development (MDD) of process-driven service-oriented architectures (SOAs) based on the OMG SoaML. Specifications for service interfaces are extended by UML activities to model invocation protocols. An invocation protocol makes the control and the object flows between service invocations explicit. Integrity and confidentiality attributes are used to annotate the object flows. The annotations serve for generating security-aware execution artefacts (e.g., interface description documents, deployment descriptors, and middleware configurations). We applied the approach prototypically in a Web Services platform environment (WS-BPEL, WSDL, WS-Security Policy).
Keywords
Web services; data integrity; service-oriented architecture; SoaML models; UML activity; Web services platform environment; confidentiality annotation; data confidentiality; data integrity; model invocation protocol; model-driven development; object flow; process-driven service-oriented architecture; security-aware execution artefacts; service interfaces; service invocation; Business; Data models; Engines; Protocols; Security; Service oriented architecture; Unified modeling language; Model-Driven Development; Security Engineering; Service-Oriented Architecture; SoaML; UML; Web Services;
fLanguage
English
Publisher
ieee
Conference_Titel
Availability, Reliability and Security (ARES), 2011 Sixth International Conference on
Conference_Location
Vienna
Print_ISBN
978-1-4577-0979-1
Electronic_ISBN
978-0-7695-4485-4
Type
conf
DOI
10.1109/ARES.2011.105
Filename
6046044
Link To Document