The use of business process standards to model and execute business needs is growing rapidly. In addition, Service-oriented Computing has been adopted to realize business processes, which basically consists of executing the process activities using services available in the Internet. In this context, the importance of security is apparent, because sensitive data sent over the Internet may be accessed by unauthorized thirdparties. To prevent security problems, users may associate security requirements that must be enforced in essential tasks of the business process. This fact leads to the need of automation, because both functional and security requirements should be modeled, at high-level, and enforced, at execution level. This work proposes a cloud-based solution named BPA-Sec4Cloud that supports all phases of the security-aware business process automation, from its modeling to its deployment. The use of a cloud-based solution facilitates the deployment process because all needed resources are available in the cloud and ready to be used. In addition, the cloud is also used as a platform in order to provide specific services, such as translators, to support the automation process. In order to evaluate the BPA-Sec4Cloud, the solution was compared against existing solutions through the use of metrics related to the quality of generated artifacts.
B Fernando Lins
The adoption of business processes to design business activities is becoming a reality to a significant number of companies. In addition, the Service-Oriented Architecture (SOA) is being used in diverse situations for the execution of business processes using computational resources. In this context, the need of business process automation appears with high relevance. In this work, we present a solution named BPA-SOA, which aims to automate SOA-based business processes, specified in BPMN, into WS-BPEL executable processes. In BPA-SOA, business and service information can be specified at the business level, translated into executable artifacts, deployed in execution-level resources and enforced at runtime. An illustrative scenario is presented to better illustrate and showcase the proposed solution.
The Sec-MoSC Tooling supports modelling and enforcement of security abstractions in business processes and service composition. It offers a novel approach consisting of abstractions and methods for capturing and enforcing security requirements in service composition.
scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations鈥揷itations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.