Deriving business processes with service level agreements from early requirements

When designing a service-based business process employing loosely coupled services, one is not only interested in guaranteeing a certain flow of work, but also in how the work will be performed. This involves the consideration of non-functional properties which go from execution time and costs, to trust and security. Ideally, a designer would like to have guarantees over the behavior of the services involved in the process. These guarantees are the object of Service Level Agreements. We propose a methodology to design service-based business processes together with Service Level Agreements that guarantee a certain quality of execution, with particular emphasis on security. Starting from an early requirements analysis modeled in the Secure Tropos formalism, we provide a set of user-guided transformations and reasoning tools the final output of which is a set of processes in the form of Secure BPELs together with a set of Service Level Agreements to be signed by participating services. To show the potential impact of the approach, we illustrate the functioning of the methodology on a collaborative procurement scenario derived from the application domain of a research project.

[1]  Wil M. P. van der Aalst,et al.  Pattern-Based Translation of BPMN Process Models to BPEL Web Services , 2008, Int. J. Web Serv. Res..

[2]  Asit Dan,et al.  Web services agreement specification (ws-agreement) , 2004 .

[3]  Arnold Picot,et al.  ICT for the Next Five Billion People , 2010 .

[4]  John Mylopoulos,et al.  Towards requirements-driven information systems engineering: the Tropos project , 2002, Inf. Syst..

[5]  Colette Rolland,et al.  Experience with goal-scenario coupling in requirements engineering , 1999, Proceedings IEEE International Symposium on Requirements Engineering (Cat. No.PR00188).

[6]  Yao-Hua Tan,et al.  Trust and Deception in Virtual Societies , 2001, Springer Netherlands.

[7]  Morris Sloman,et al.  Trust Management Tools for Internet Applications , 2003, iTrust.

[8]  Diego Gambetta Trust : making and breaking cooperative relations , 1992 .

[9]  Rogério de Lemos,et al.  Architecting dependable systems , 2003, J. Syst. Softw..

[10]  Kousha Etessami,et al.  Events and constraints: a graphical editor for capturing logic requirements of programs , 2001, Proceedings Fifth IEEE International Symposium on Requirements Engineering.

[11]  Ganna Frankova,et al.  From Early Requirements to Business Processes with Service Level Agreements , 2007 .

[12]  Heiko Ludwig,et al.  Web Service Level Agreement (WSLA) Language Specification , 2003 .

[13]  Gero Mühl,et al.  QoS aggregation in Web service compositions , 2005, 2005 IEEE International Conference on e-Technology, e-Commerce and e-Service.

[14]  John Mylopoulos,et al.  An Empirical Evaluation of the i* Framework in a Model-Based Software Generation Environment , 2006, CAiSE.

[15]  Axel van Lamsweerde,et al.  Goal-Oriented Requirements Engineering: A Guided Tour , 2001, RE.

[16]  Edward P. K. Tsang,et al.  Foundations of constraint satisfaction , 1993, Computation in cognitive science.

[17]  Mike P. Papazoglou,et al.  Proceedings of the 11th International Conference on Service-Oriented Computing (ICSOC 2013) , 2004 .

[18]  Asit Dan,et al.  Cremona: an architecture and library for creation and monitoring of WS-agreents , 2004, ICSOC '04.

[19]  Yijun Yu,et al.  Requirements-Driven Design and Configuration Management of Business Processes , 2007, BPM.

[20]  Manuele Kirsch-Pinheiro,et al.  An Intentional Approach to Service Engineering , 2010, IEEE Transactions on Services Computing.

[21]  Alida Veldsman,et al.  From technologists to social enterprise developers: Our journey as “ICT for development” practitioners in Southern Africa , 2008 .

[22]  Fabio Massacci,et al.  From Trust to Dependability through Risk Analysis , 2007, The Second International Conference on Availability, Reliability and Security (ARES'07).

[23]  Marco Aiello,et al.  What's in an Agreement? An Analysis and an Extension of WS-Agreement , 2005, ICSOC.

[24]  Fausto Giunchiglia,et al.  Tropos: An Agent-Oriented Software Development Methodology , 2004, Autonomous Agents and Multi-Agent Systems.

[25]  Gustavo Rossi,et al.  A comprehensive design model for integrating business processes in web applications , 2007, Int. J. Web Eng. Technol..

[26]  Carlos Molina-Jiménez,et al.  The Role of Agreements in IT Management Software , 2004, WADS.

[27]  Marco Aiello,et al.  Semantics and Extensions of WS-Agreement , 2006, J. Softw..

[28]  N. Luhmann,et al.  Trust: Making and Breaking Cooperative Relations , 1990 .

[29]  Juan Sánchez,et al.  Business Process Modelling and Purpose Analysis for Requirements Analysis of Information Systems , 2008, CAiSE.

[30]  John Mylopoulos,et al.  Requirements engineering for trust management: model, methodology, and reasoning , 2006, International Journal of Information Security.

[31]  John Mylopoulos,et al.  Specifying and analyzing early requirements in Tropos , 2004, Requirements Engineering.

[32]  N. L. Chervany,et al.  THE MEANINGS OF TRUST , 2000 .

[33]  Mike P. Papazoglou,et al.  Design Methodology for Web Services and Business Processes , 2002, TES.

[34]  D. Collard,et al.  Trust : making and breaking cooperative relations , 1989 .

[35]  Peter Rittgen,et al.  Handbook of Ontologies for Business Interaction , 2007 .

[36]  John Mylopoulos,et al.  From Stakeholder Intentions to Software Agent Implementations , 2006, CAiSE.

[37]  John Mylopoulos,et al.  An ontology for secure socio-technical systems , 2007 .

[38]  Mike P. Papazoglou,et al.  Service-Oriented Computing , 2008 .

[39]  Christian Merz,et al.  Requirements of a mobile procurement framework for rural South Africa , 2009, Mobility Conference.

[40]  C. Castelfranchi,et al.  Social Trust : A Cognitive Approach , 2000 .

[41]  Fabio Massacci,et al.  From Early Requirements Analysis towards Secure Workflows , 2007, IFIPTM.

[42]  Ganna Frankova,et al.  Secure Workflow Development from Early Requirements Analysis , 2008, 2008 Sixth European Conference on Web Services.

[43]  Morris Sloman,et al.  Specifying and Analysing Trust for Internet Applications , 2002, I3E.

[44]  Cinzia Cappiello,et al.  On Automated Generation of Web Service Level Agreements , 2007, CAiSE.

[45]  Stephen A. White,et al.  Business Process Modeling Notation (BPMN), Version 1.0 , 2004 .

[46]  Raman Kazhamiakin,et al.  A framework for integrating business processes and business requirements , 2004, Proceedings. Eighth IEEE International Enterprise Distributed Object Computing Conference, 2004. EDOC 2004..

[47]  Rino Falcone,et al.  Principles of trust for MAS: cognitive anatomy, social importance, and quantification , 1998, Proceedings International Conference on Multi Agent Systems (Cat. No.98EX160).

[48]  Ganna Frankova,et al.  Service and Protection Level Agreements for Business Processes ? , 2007 .

[49]  Christian Merz Incubating Micro Enterprises in Rural South Africa – The Use Case of Virtual Buying Cooperatives , 2010 .

[50]  John Mylopoulos,et al.  Designing Web services with Tropos , 2004, Proceedings. IEEE International Conference on Web Services, 2004..