An End-to-End Framework for Business Compliance in Process-Driven SOAs

It is significant for companies to ensure their businesses conforming to relevant policies, laws, and regulations as the consequences of infringement can be serious. Unfortunately, the divergence and frequent changes of different compliance sources make it hard to systematically and quickly accommodate new compliance requirements due to the lack of an adequate methodology for system and compliance engineering. In addition, the difference of perception and expertise of multiple stakeholders involving in system and compliance engineering further complicates the analyzing, implementing, and assessing of compliance. For these reasons, in many cases, business compliance today is reached on aper-case basis by using ad hoc, hand-crafted solutions for specific rules to which they must comply. This leads in the long run to problems regarding complexity, understandability, and maintainability of compliance concerns in a SOA. To address the aforementioned challenges, we present in this invited paper a comprehensive SOA business compliance software framework that enables a business to express, implement, monitor, and govern compliance concerns.

[1]  Schahram Dustdar,et al.  View-Based Reverse Engineering Approach for Enhancing Model Interoperability and Reusability in Process-Driven SOAs , 2008, ICSR.

[2]  Schahram Dustdar,et al.  Tailoring a model-driven Quality-of-Service DSL for various stakeholders , 2009, 2009 ICSE Workshop on Modeling in Software Engineering.

[3]  Fabio Casati,et al.  On the Design of Compliance Governance Dashboards for Effective Compliance and Audit Management , 2009, ICSOC/ServiceWave Workshops.

[4]  Schahram Dustdar,et al.  View-based and Model-driven Approach for Reducing the Development Complexity in Process-Driven SOA , 2007, BPSC.

[5]  Manuel Wimmer,et al.  A survey on model versioning approaches , 2009, Int. J. Web Inf. Syst..

[6]  Leonardo Murta,et al.  Towards odyssey-VCS 2: improvements over a UML-based version control system , 2008, CVSM@ICSE.

[7]  Frank Leymann,et al.  An Integrated Solution for Runtime Compliance Governance in SOA , 2010, ICSOC.

[8]  Recommended Practice for Architectural Description of Software-Intensive Systems , 1999 .

[9]  Jean Bézivin,et al.  On the unification power of models , 2005, Software & Systems Modeling.

[10]  Schahram Dustdar,et al.  Modeling Process-Driven SOAs , 2009, Handbook of Research on Business Process Modeling.

[11]  Fabio Casati,et al.  Business Compliance Governance in Service-Oriented Architectures , 2009, 2009 International Conference on Advanced Information Networking and Applications.

[12]  Schahram Dustdar,et al.  Modeling Human Aspects of Business Processes - A View-Based, Model-Driven Approach , 2008, ECMDA-FA.

[13]  Gerti Kappel,et al.  AMOR – Towards Adaptable Model Versioning , 2008 .

[14]  Tracee Vetting Wolf,et al.  Seeing is believing: Designing visualizations for managing risk and compliance , 2007, IBM Syst. J..

[15]  Themis Palpanas,et al.  Model-Driven Dashboards for Business Performance Reporting , 2006, 2006 10th IEEE International Enterprise Distributed Object Computing Conference (EDOC'06).

[16]  Schahram Dustdar,et al.  View-Based Integration of Process-Driven SOA Models at Various Abstraction Levels , 2008, MBSDI.

[17]  Schahram Dustdar,et al.  MORSE: A Model-Aware service environment , 2009, 2009 IEEE Asia-Pacific Services Computing Conference (APSCC).

[18]  Jonas Helming,et al.  EMFStore: a model repository for EMF models , 2010, 2010 ACM/IEEE 32nd International Conference on Software Engineering.

[19]  Nenad Stojanovic,et al.  Pattern-Based Design and Validation of Business Process Compliance , 2007, OTM Conferences.

[20]  Schahram Dustdar,et al.  Monitoring and Analyzing Service-Based Internet Systems through a Model-Aware Service Environment , 2010, CAiSE.

[21]  Alexander Pretschner,et al.  Towards Systematic Achievement of Compliance in Service-Oriented Architectures: The MASTER Approach , 2008, Wirtsch..

[22]  Schahram Dustdar,et al.  Model-Driven Integration and Management of Data Access Objects in Process-Driven SOAs , 2008, ServiceWave.