Identification of Vulnerabilities in Web Services using Model-Based Security

Author(s):  
Sebastian Höhn ◽  
Lutz Lowis ◽  
Jan Jürjens ◽  
Rafael Accorsi

In a service-oriented architecture, business processes are executed as composition of services, which can suffer from vulnerabilities. These vulnerabilities in services and the underlying software applications put at risk computer systems in general and business processes in particular. Current vulnerability analysis approaches involve several manual tasks and, hence, are error-prone and costly. Service-oriented architectures impose additional analysis complexity as they provide much flexibility and frequent changes within orchestrated processes and services. Therefore, it is inevitable to provide tools and mechanisms that enable efficient and effective management of vulnerabilities within these complex systems. Model-based security engineering is a promising approach that can help to fill the gap between vulnerabilities on the one hand, and concrete protection mechanisms on the other. The authors present an approach that integrates model-based engineering and vulnerability analysis in order to cope with the security challenges of a service-oriented architecture.

2010 ◽  
pp. 673-704


Author(s):  
Olga Levina ◽  
Vladimir Stantchev

E-Business research and practice can be situated on the following multiple levels: applications, technological issues, support and implementation (Ngai and Wat 2002). Here we consider technological components for realizing business processes and discuss their foundation architecture for technological enabling. The article provides an introduction to the terms, techniques and realization issues for event-driven and service-oriented architectures. We begin with a definition of terms and propose a reference architecture for an event-driven service-oriented architecture (EDSOA). Possible applications in the area of E-Business and solution guidelines are considered in the second part of the article. Service-oriented Architectures (SOA) have gained momentum since their introduction in the last years. Seen as an approach to integrate heterogeneous applications within an enterprise architecture they are also used to design flexible and adaptable business processes. An SOA is designed as a distributed system architecture providing a good integration possibility of already existing application systems. Furthermore, SOA is mostly suitable for complex and large system landscapes.


Author(s):  
Jens Weber-Jahnke

Computer-based clinical decision support (CDS) contributes to cost savings, increased patient safety and quality of medical care. Most existing CDS systems are stand-alone products (first generation) or part of complete electronic medical record packages (second generation). Experience shows that creating and maintaining CDS systems is expensive and requires effort that should be economized by sharing them among multiple users. It makes good economic sense to share CDS service installations among a larger set of client systems. The paradigm of a service-oriented architecture (SOA) embraces this idea of sharing distributed services. Some attempts making CDS services available to distributed health information systems exist. However, these approaches have not gained much adoption. We argue that they do not provide a sufficient level of decoupling between client and CDS in order to be broadly reusable in SOAs. In this paper, we present a new CDS service component called EGADSS, which has been designed and implemented with the declared objective to minimize the coupling between client and CDS server. We present our key design decisions, which are guided by empirical research in SOA development. We evaluate our result theoretically by measuring the level of decoupling achieved compared to existing CDS approaches. Furthermore, we report on an empirical evaluation of the resulting design, integrating the EGADSS service with an example client system.


Author(s):  
Neven Vrcek ◽  
Ivan Magdalenic

Many benefits from implementation of e-business solutions are related to network effects which means that there are many interconnected parties utilizing the same or compatible technologies. The large-scale adoption of e-business practices in public sectors and in small and medium enterprises (SMEs)-prevailing economic environments will be successful if appropriate support in the form of education, adequate legislative, directions, and open source applications is provided. This case study describes the adoption of e-business in public sectors and SMEs by using an integrated open source approach called e-modules. E-module is a model which has process properties, data properties, and requirements on technology. Therefore e-module presents a holistic framework for deployment of e-business solutions and such e-module structure mandates an approach which requires reengineering of business processes and adoption of strong standardization that solves interoperability issues. E-module is based on principles of service-oriented architectures with guidelines for introduction into business processes and integration with ERP systems. Such an open source approach enables the spreading of compatible software solutions across any given country, thus, increasing e-business adoption. This paper presents a methodology for defining and building e-modules.


Author(s):  
Tony Clark ◽  
Balbir S. Barn ◽  
Vinay Kulkarni

Component-based approaches generalize basic object-oriented implementations by allowing large collections of objects to be grouped together and externalized in terms of public interfaces. A typical component-based system will include a large number of interacting components. Service-Oriented Architecture (SOA) organizes a system in terms of components that communicate via services. Components publish services that they implement as business processes. Consequently, a change to a single component can have a ripple effect on the service-driven system. Component reconfiguration is motivated by the need to evolve the component architecture and can take a number of forms. The authors define a dynamic architecture as one that supports changing the behavior and topology of existing components without stopping, updating, and redeploying the system. This chapter addresses the problem of dynamic reconfiguration of component-based architectures. It proposes a reification approach that represents key features of a language in data, so that a system can reason and dynamically modify aspects of it. The approach is described in terms of a new language called µLEAP and validated by implementing a simple case study.


Author(s):  
Vili Podgorelec ◽  
Boštjan Grašič

In this chapter, a Semantic Web services-based knowledge management framework that enables holistic knowledge management in organizations is presented. As the economy is becoming one single global marketplace, where the best offer wins, organizations have to search for competitive advantage within themselves. With the growing awareness that key potentials of an organization lie within its people and their knowledge, efficient knowledge management is becoming one of key focuses in organizational activities. The proposed knowledge management framework is based on Semantic Web technologies and service-oriented architecture, supporting the operational business processes as well as knowledge-based management of services in service-oriented architecture.


Author(s):  
Michael Niemann ◽  
André Miede ◽  
Wolfgang Johannsen ◽  
Nicolas Repp ◽  
Ralf Steinmetz

Companies’ IT Systems are confronted with constantly changing market conditions, new competitive threats and a growing number of legal regulations. The service-oriented architecture (SOA) paradigm provides a promising way to address these challenges at the level of a company’s IT infrastructure. These challenges, as well as the management of the newly introduced complexity and heterogeneity, are targeted by SOA Governance approaches. In recent years, a number of concrete frameworks for SOA Governance addressing these issues have been proposed. There is no holistic approach considering all proposed elements, consolidating them in order to form a universally applicable model. In this contribution, we motivate SOA Governance, investigate and compare different approaches, identify common concepts, and derive a generic model for governance of Service-oriented Architectures.


Author(s):  
Dinesh Sharma ◽  
Devendra Kumar Mishra

The present is the era of fast processing, in which industries and organizations give more emphasis to the planning of business processes. This planning may differ from industry to industry. Service-oriented architecture provides an extensible and simple architecture for industry problem solutions. Web services are a standardized way of developing interoperable applications. Web services use open standards and protocols like HTTP, XML and SOAP. This chapter describes the role of the enterprise service bus in building web services.

