Title :
Integrity and Confidentiality Annotations for Service Interfaces in SoaML Models
Author :
Hoisl, Bernhard ; Sobernig, Stefan
Author_Institution :
Secure Bus. Austria Res. Center, Vienna, Austria
Abstract :
This paper presents an approach for incorporating data integrity and data confidentiality into the model-driven development (MDD) of process-driven service-oriented architectures (SOAs) based on the OMG SoaML. Specifications for service interfaces are extended by UML activities to model invocation protocols. An invocation protocol makes the control and the object flows between service invocations explicit. Integrity and confidentiality attributes are used to annotate the object flows. The annotations serve for generating security-aware execution artefacts (e.g., interface description documents, deployment descriptors, and middleware configurations). We applied the approach prototypically in a Web Services platform environment (WS-BPEL, WSDL, WS-Security Policy).
Keywords :
Web services; data integrity; service-oriented architecture; SoaML models; UML activity; Web services platform environment; confidentiality annotation; data confidentiality; data integrity; model invocation protocol; model-driven development; object flow; process-driven service-oriented architecture; security-aware execution artefacts; service interfaces; service invocation; Business; Data models; Engines; Protocols; Security; Service oriented architecture; Unified modeling language; Model-Driven Development; Security Engineering; Service-Oriented Architecture; SoaML; UML; Web Services;
Conference_Titel :
Availability, Reliability and Security (ARES), 2011 Sixth International Conference on
Conference_Location :
Vienna
Print_ISBN :
978-1-4577-0979-1
Electronic_ISBN :
978-0-7695-4485-4
DOI :
10.1109/ARES.2011.105
