Secure and Compliant Implementation of Business Process-Driven Systems

Brucker, Achim D.; Hang, Isabelle

doi:10.1007/978-3-642-36285-9_66

Cited by 17 publications

(13 citation statements)

References 21 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…This paper extends our previous works in several key aspects: First, the set of properties that can be analysed both on the implementation level as well as on the actual service compositions are extended, eg, to support the analysis of cryptographic properties. Second, formal analyses that yield in a binary “secure” or “inconclusive” result are integrated with quantitative ranking approaches.…”

Section: Introductionmentioning

confidence: 89%

Modelling, validating, and ranking of secure service compositions

et al. 2017

Self Cite

View full text Add to dashboard Cite

Summary In the world of large‐scale applications, software as a service (SaaS) in general and use of microservices, in particular, is bringing service‐oriented architectures to a new level: Systems in general and systems that interact with human users (eg, sociotechnical systems) in particular are built by composing microservices that are developed independently and operated by different parties. At the same time, SaaS applications are used more and more widely by enterprises as well as public services for providing critical services, including those processing security or privacy of relevant data. Therefore, providing secure and reliable service compositions is increasingly needed to ensure the success of SaaS solutions. Building such service compositions securely is still an unsolved problem. In this paper, we present a framework for modelling, validating, and ranking secure service compositions that integrate both automated services as well as services that interact with humans. As a unique feature, our approach for ranking services integrates validated properties (eg, based on the result of formally analysing the source code of a service implementation) as well as contractual properties that are part of the service level agreement and, thus, not necessarily ensured on a technical level.

show abstract

Section: Introductionmentioning

confidence: 89%

Modelling, validating, and ranking of secure service compositions

et al. 2017

Self Cite

View full text Add to dashboard Cite

show abstract

“…We plan to extend our approach along at three lines of research: (i) automated generation of validation checks to be executed after each update of security-related configurations; (ii) as preliminary discussed in [18], automated check for the implementation validation; (iii) integration with monitoring and process mining frameworks.…”

Section: Discussionmentioning

confidence: 99%

“…Moreover, the generated security controls require that manually developed parts to not violate the security requirements. To ensure this, we envision to implement static source code checks (see [18] for a first work in this area).…”

Section: Evaluation and Discussionmentioning

confidence: 99%

“…If the variable is not set, it sets the variable both local and remotely, otherwise it checks if the user who is executing the action in which the "CheckBoD" method is called, is the same as the one memorized in the variable. The "CheckBoD" method will be called in any action of the entities contained in the applications generated from #Pool and #Pool2 (lines [16][17][18][19]. e x p o r t e n t i t y #DOEntity { 3 e l e m e n t BoDUser : S t r i n g ; …”

Section: Security Enforcement Rulesmentioning

confidence: 99%

See 1 more Smart Citation

From Secure Business Process Models to Secure Artifact-Centric Specifications

Salnitri

Brucker

Giorgini

2015

Enterprise, Business-Process and Information Systems Modeling

Self Cite

View full text Add to dashboard Cite

Abstract. Making today's systems secure is an extremely difficult and challenging problem. Socio and technical issues interplay and contribute in creating vulnerabilities that cannot be easily prevented without a comprehensive engineering method. This paper presents a novel approach to support process-aware secure systems modeling and automated generation of secure artifact-centric implementations. It combines social and technical perspectives in developing secure systems. This work is the result of an academic and industrial collaboration, where SecBPMN2, a research prototype, has been integrated with SAP River, an industrial artifact-centric language.

show abstract

“…Our modular architecture allows to integrate other analysis approaches easily (for details, see Brucker and Hang [10]). …”

Section: B Analysing Securebpmn Modelsmentioning

confidence: 99%

A Framework for Secure Service Composition

Brucker¹,

Malmignati

Merabti

et al. 2013

2013 International Conference on Social Computing

Self Cite

View full text Add to dashboard Cite

Abstract-Modern applications are inherently heterogeneous: they are built by composing loosely coupled services that are, usually, offered and operated by different service providers. While this approach increases the flexibility of the composed applications, it makes the implementation of security and trustworthiness requirements difficult. As the number of security requirements is increasing dramatically, there is a need for new approaches that integrate security requirements right from the beginning while composing service-based applications.In this paper, we present a framework for secure service composition using a model-based approach for specifying, building, and executing composed services. As a unique feature, this framework integrates security requirements as a first class citizen and, thus, avoids the "security as an afterthought" paradigm.

show abstract

Secure and Compliant Implementation of Business Process-Driven Systems

Cited by 17 publications

References 21 publications

Modelling, validating, and ranking of secure service compositions

Modelling, validating, and ranking of secure service compositions

From Secure Business Process Models to Secure Artifact-Centric Specifications

A Framework for Secure Service Composition

Contact Info

Product

Resources

About