Security Evaluation of Service-Oriented Systems Using the SiSOA Method

2011 ◽  
Vol 2 (4) ◽  
pp. 19-33 ◽  
Author(s):  
Christian Jung ◽  
Manuel Rudolph ◽  
Reinhard Schwarz

The Service-Oriented Architecture paradigm (SOA) is commonly applied for the implementation of complex, distributed business processes. The service-oriented approach promises higher flexibility, interoperability and reusability of the IT infrastructure. However, evaluating the quality attribute security of such complex SOA configurations is not sufficiently mastered yet. To tackle this complex problem, the authors developed a method for evaluating the security of existing service-oriented systems on the architectural level. The method is based on recovering security-relevant facts about the system by using reverse engineering techniques and subsequently providing automated support for further interactive security analysis at the structural level. By using generic, system-independent indicators and a knowledge base, the method is not limited to a specific programming language or technology. Therefore, the method can be applied to various systems and adapted to specific evaluation needs. The paper describes the general structure of the method, the knowledge base, and presents an instantiation aligned to the Service Component Architecture (SCA) specification.


Author(s):  
Kostyantyn Kharchenko

The approach to organizing the automated calculations’ execution process using the web services (in particular, REST-services) is reviewed. The given solution will simplify the procedure of introduction of the new functionality in applied systems built according to the service-oriented architecture and microservice architecture principles. The main idea of the proposed solution is in maximum division of the server-side logic development and the client-side logic, when clients are used to set the abstract computation goals without any dependencies to existing applied services. It is proposed to rely on the centralized scheme to organize the computations (named as orchestration) and to put to the knowledge base the set of rules used to build (in multiple steps) the concrete computational scenario from the abstract goal. It is proposed to include the computing task’s execution subsystem to the software architecture of the applied system. This subsystem is composed of the service which is processing the incoming requests for execution, the service registry and the orchestration service. The clients send requests to the execution subsystem without any references to the real-world services to be called. The service registry searches the knowledge base for the corresponding input request template, then the abstract operation description search for the request template is performed. Each abstract operation may already have its implementation in the form of workflow composed of invocations of the real applied services’ operations. In case of absence of the corresponding workflow in the database, this workflow implementation could be synthesized dynamically according to the input and output data and the functionality description of the abstract operation and registered applied services. The workflows are executed by the orchestrator service. Thus, adding some new functions to the client side can be possible without any changes at the server side. And vice versa, adding new services can impact the execution of the calculations without updating the clients.


Author(s):  
Tony Clark ◽  
Balbir S. Barn ◽  
Vinay Kulkarni

Component-based approaches generalize basic object-oriented implementations by allowing large collections of objects to be grouped together and externalized in terms of public interfaces. A typical component-based system will include a large number of interacting components. Service-Oriented Architecture (SOA) organizes a system in terms of components that communicate via services. Components publish services that they implement as business processes. Consequently, a change to a single component can have a ripple effect on the service-driven system. Component reconfiguration is motivated by the need to evolve the component architecture and can take a number of forms. The authors define a dynamic architecture as one that supports changing the behavior and topology of existing components without stopping, updating, and redeploying the system. This chapter addresses the problem of dynamic reconfiguration of component-based architectures. It proposes a reification approach that represents key features of a language in data, so that a system can reason and dynamically modify aspects of it. The approach is described in terms of a new language called µLEAP and validated by implementing a simple case study.


Author(s):  
Vili Podgorelec ◽  
Boštjan Grašič

In this chapter, a Semantic Web services-based knowledge management framework that enables holistic knowledge management in organizations is presented. As the economy is becoming one single global marketplace, where the best offer wins, organizations have to search for competitive advantage within themselves. With the growing awareness that key potentials of an organization lie within its people and their knowledge, efficient knowledge management is becoming one of the key focuses in organizational activities. The proposed knowledge management framework is based on Semantic Web technologies and service-oriented architecture, supporting the operational business processes as well as knowledge-based management of services in service-oriented architecture.


Author(s):  
Dinesh Sharma ◽  
Devendra Kumar Mishra

The present is the era of fast processing, in which industries and organizations give more emphasis to the planning of business processes. This planning may differ from industry to industry. Service oriented architecture provides an extensible and simple architecture for industry problem solutions. Web services are a standardized way of developing interoperable applications. Web services use open standards and protocols like HTTP, XML and SOAP. This chapter presents the role of the enterprise service bus in building web services.


Author(s):  
Georgousopoulos Christos ◽  
Xenia Ziouvelou ◽  
Gregory Yovanof ◽  
Antonis Ramfos

Since the early 1980s, Open Source Software (OSS) has gained a strong interest and an increased acceptance in the software industry that has to date initiated a “paradigm shift” (O’Reilly, 2004). The Open Source paradigm has introduced wholly new means of software development and distribution, creating a significant impact on the evolution of numerous business processes. In this chapter we examine the impact of the open source paradigm in the e-Procurement evolution and identify a trend towards Open Source e-Procurement Application Frameworks (AFs) which enable the development of tailored e-Procurement Solutions. Anchored in this notion, we present an Open-Source e-Procurement AF with a two-phase generation procedure. The innovative aspect of the proposed model relates to the combination of the Model Driven Engineering (MDE) approach with the Service-Oriented Architecture (SOA) paradigm for enabling the cost-effective production of e-Procurement Solutions by facilitating integration, interoperability, easy maintenance, and management of possible changes in the European e-Procurement environment. The assessment process of the proposed AF and its resulting e-Procurement Solutions occurs in the context of G2B in the Western-Balkan European region. Our evaluation yields positive results and further enhancing opportunities for the proposed Open Source e-Procurement AF and its resulting e-Procurement Solutions.


Author(s):  
Bhuvan Unhelkar ◽  
Abbass Ghanbary ◽  
Houman Younessi

This chapter discusses the role of information system architectures in Collaborate Business Process Engineering (CBPE). Thus, in this chapter, there is an extension of the discussion on Service-oriented Architecture (SOA) from chapters 2 and 4, and its importance and relevance to CBPE. The SOA based architecture is extended and applied in a collaborative business environment. The technical platform of Service Oriented Architecture (SOA) provides an ideal mechanism to start building collaborative business processes, as it facilitates technical collaboration of different environments - as discussed in this chapter.


Author(s):  
Olga Levina ◽  
Vladimir Stantchev

E-Business research and practice can be situated on the following multiple levels: applications, technological issues, support and implementation (Ngai and Wat 2002). Here we consider technological components for realizing business processes and discuss their foundation architecture for technological enabling. The article provides an introduction to the terms, techniques and realization issues for event-driven and service-oriented architectures. We begin with a definition of terms and propose a reference architecture for an event-driven service-oriented architecture (EDSOA). Possible applications in the area of E-Business and solution guidelines are considered in the second part of the article. Service-oriented Architectures (SOA) have gained momentum since their introduction in the last years. Seen as an approach to integrate heterogeneous applications within an enterprise architecture they are also used to design flexible and adaptable business processes. An SOA is designed as a distributed system architecture providing a good integration possibility of already existing application systems. Furthermore, SOA is mostly suitable for complex and large system landscapes.


Author(s):  
Bhuvan Unhelkar ◽  
Amit Tiwary ◽  
Abbass Ghanbary

Web Services (WS) technologies create the potential for an organization to collaborate with partners and customers by enabling its software applications to transact over the Internet. This collaboration is achieved by carefully incorporating Web Services in the organization’s software applications, resulting in comprehensive Service-Oriented Architecture (SOA) for the enterprise. This incorporation of WS-enabled applications and components in the organization’s overall enterprise architecture requires understanding of the service at three interrelated yet distinct layers: policies, activities, and standards. This chapter describes how the existing business processes of an organization are transitioned into collaborative business processes that would result in a Collaborative Web-Based System (CWBS). The ideas presented in this chapter have been validated through an action-research carried out by the authors in a large energy supplier organization in Melbourne, Australia.


2008 ◽  
Vol 50 (2) ◽  
Author(s):  
Gero Decker ◽  
Oliver Kopp ◽  
Alistair Barros

Summary: Service oriented architecture (SOA) is an architectural style for building software systems based on services. Especially in those scenarios where services implement business processes, complex conversations between the services occur. Service choreographies are a means to capture all interaction obligations and constraints from a global perspective. This article introduces choreographies as an important artifact for SOA, compares them to service orchestrations and surveys existing languages for modeling them.

