Model-Driven Development of a Web Service-Oriented Architecture and Security Policies

Applying model-driven development methodologies provide inherent benefits such as increased productivity, greater reuse, and better maintainability, to name a few. Efforts on achieving model-driven development of web services already exist. However, there is currently no complete solution that addresses non-functional aspects of these services as well. This paper presents an ongoing work which seeks to integrate these non-functional aspects in the development of web services, with a clear emphasis on security.

[1]  Yuichi Nakamura,et al.  Pattern-based Policy Configuration for SOA Applications , 2008, 2008 IEEE International Conference on Services Computing.

[2]  Rubén Alonso,et al.  ISOAS: Through an independent SOA Security Specification , 2008, Seventh International Conference on Composition-Based Software Systems (ICCBSS 2008).

[3]  Ravi S. Sandhu,et al.  Role-Based Access Control Models , 1996, Computer.

[4]  Frédéric Cuppens,et al.  Organization based access control , 2003, Proceedings POLICY 2003. IEEE 4th International Workshop on Policies for Distributed Systems and Networks.

[5]  Anthony Nadalin,et al.  Web Services Atomic Transaction (WS- AtomicTransaction) , 2003 .

[6]  David A. Basin,et al.  SecureUML: A UML-Based Modeling Language for Model-Driven Security , 2002, UML.

[7]  Ruth Breu,et al.  Sectet: an extensible framework for the realization of secure inter-organizational workflows , 2006, Internet Res..

[8]  Guadalupe Ortiz,et al.  Service-Oriented Model-Driven Development: Filling the Extra-Functional Property Gap , 2006, ICSOC.

[9]  Yves Le Traon,et al.  A Model-Based Framework for Security Policy Specification, Deployment and Testing , 2008, MoDELS.

[10]  Sundar Balasubramaniam,et al.  A Model-driven Approach to Service Policies , 2009, J. Object Technol..

[11]  D. Elliott Bell,et al.  Secure Computer System: Unified Exposition and Multics Interpretation , 1976 .

[12]  Stanley M. Sutton,et al.  N degrees of separation: multi-dimensional separation of concerns , 1999, Proceedings of the 1999 International Conference on Software Engineering (IEEE Cat. No.99CB37002).

[13]  Thorsten von Eicken,et al.  技術解説 IEEE Computer , 1999 .