Title :
Secure Workflow Development from Early Requirements Analysis
Author :
Seguran, M. ; Hebert, C. ; Frankova, Ganna
Author_Institution :
SAP Res., Security & Trust, Mougins
Abstract :
Requirements engineering is being increasingly adopted as a key step in the software development process and so new challenges and possibilities emerge. Designing of Web services and developing of business processes and workflows for Web services is one of the most thought challenging issues in requirements engineering. The research on Web services design is well under way, but the existing design methodologies for Web services do not address the issue of developing secure Web services, secure business processes and secure workflows. For the purpose of developing secure workflows based on the early requirements analysis, in this work, we propose a refinement methodology and a language that allows the workflow engine to automatically enforce trust and delegation requirements. Those workflows are then to be distributed; the security aspects being enforced dynamically at runtime accordingly to the identified requirements. To make the discussion more concrete, we illustrate the proposal with an e-business banking case study.
Keywords :
Web services; formal specification; formal verification; security of data; specification languages; systems analysis; workflow management software; e-business banking; requirements analysis; requirements engineering; secure Web service design; secure business process development; secure workflow development; software development process; specification language; trust enforcement; workflow engine; Banking; Concrete; Design engineering; Design methodology; Engines; Programming; Proposals; Runtime; Security; Web services;
Conference_Titel :
on Web Services, 2008. ECOWS '08. IEEE Sixth European Conference
Conference_Location :
Dublin
Print_ISBN :
978-0-7695-3399-5
DOI :
10.1109/ECOWS.2008.13
