Your SlideShare is downloading. ×
Workflows adaptations for security management through MDD and Aspects
Upcoming SlideShare
Loading in...5
×

Thanks for flagging this SlideShare!

Oops! An error has occurred.

×
Saving this for later? Get the SlideShare app to save on your phone or tablet. Read anywhere, anytime – even offline.
Text the download link to your phone
Standard text messaging rates apply

Workflows adaptations for security management through MDD and Aspects

413
views

Published on

Published in: Education

0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total Views
413
On Slideshare
0
From Embeds
0
Number of Embeds
0
Actions
Shares
0
Downloads
4
Comments
0
Likes
0
Embeds 0
No embeds

Report content
Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
No notes for slide

Transcript

  • 1. Workflows adaptations forsecurity management through MDD and Aspects Fáber D. Giraldo Armenia, October 12 2012 1
  • 2. Acknowledgments• Dr. Raquel Anaya and Pr. Luís Fernando Londoño (EAFIT University)• Mireille Blay-Fornarino (University of Nice-Sophia Antipolis, France)• Sébastien Mosser (University of Lille I, France)• Sergio Ochoa and Alexandre Bergel (University of Chile) 2
  • 3. Content1. Context2. The ADORE Method3. Case study4. Problem: Security & Business Processes5. Our proposal6. Conclusions, Further works and Results7. Questions 3
  • 4. Context• Separation of Concerns• Workflows of Business Processes.• MDD• AOSD• Security based on Services• Workflows adaptations based on security 4
  • 5. Goals of this workThe main goal of this proposal is to establish theincorporation in design time, of adaptation mechanismson workflows in order to consider security restrictions ondata and control structures that are part of a workflow, byusing model driven and aspects approaches. 5
  • 6. Research questions• Which is the way to apply and/or enrich the ADORE method in order to consider security based on standards?• Which is the contribution of modeling languages based on UML for representing, at high abstraction level, the security as an aspect and the interventions of it over the core functionality?• Which is the importance of the visualization mechanism for analyzing the complexity of the security adaptation proposed? 6
  • 7. Content1. Context2. The ADORE Method3. Case study4. Problem: Security & Business Processes5. Our proposal6. Conclusions, Further works and Results7. Questions 7
  • 8. The ADORE Method• «Activity moDel to suppOrt oRchestration Evolution» [TAOSD’10]• Consider concerns as «process fragments» to be composed with existing processes• Support fragment composition through different (endogenous) algorithms• Algorithms ensure compositional properties • E.g., order preservation 8
  • 9. ExamplesCCCms security requirement CCCms functional requirement 9
  • 10. Examples 10
  • 11. • More info about ADORE • http://www.adore-design.org/doku/ • http://www.adore- design.org/doku/examples/cccms/start • http://modalis.i3s.unice.fr/ MODels to usAge of large scaLe InfraStructures 11
  • 12. Content1. Context2. The ADORE Method3. Case study4. Problem: Security & Business Processes5. Our proposal6. Conclusions, Further works and Results7. Questions 12
  • 13. The Case Study•Car Crash Crisis Management System: CCCms•Requirement documents specified in [Kienzle et al,2010] •Special issue of TAOSD, focusing on Aspect Oriented Modeling•Contents: •8 main success scenario •27 business extensions •3 non-functional properties Source: S. Mosser (2011) 13•How to handle a Car Crash accident?
  • 14. Initial version Source [Mosser, Blay-Fornarino and France, 2010] 14
  • 15. Final version It’s only for Capture Witness Report use case of CCCms…. Source [Mosser, Blay-Fornarino and France, 2010] 15
  • 16. Content1. Context2. The ADORE Method3. Case study4. Problem: Security & Business Processes5. Our proposal6. Conclusions, Further works and Results7. Questions 16
  • 17. • Model (business) behavior in a Service-Oriented Architecture • Think «activity diagram» in the UML • Think BPMN and BPEL ... • Think specific proposals based on several symbols… • As complex as the modeled business: no magic here (at least yet)• Security (and Quality Attributes) are often handled at the infrastructure level (e.g., WS-*)• But it clearly impacts modeled behaviors (e.g., «role- based access control»), as well as persistence, error handling, ... 17
  • 18. • The use of SoC and aspects are extended to the treatment of quality attributes (as security and its derived implications, e.g., control access) so that business processes managed within a workflow consider additional features to functionality.• In most contemporary SOA practices focused on the separation of concerns, the properties related with quality attributes are specified and mapped in a set of services. • This strategy involves that developers and SOA architects must configure properly the quality attributes in a range of services (usually every quality attribute covers multiple services simultaneously). 18
  • 19. • Unfortunately, UML, BPMN and BPEL do not support separation of concerns per se. [Wada, Suzuki and Oba, 2008] 19
  • 20. Content1. Context2. The ADORE Method3. Case study4. Problem: Security & Business Processes5. Our proposal6. Conclusions, Further works and Results7. Questions 20
  • 21. • Existing approaches deal with Separation of Concerns: • Concerns reification (e.g., «Aspects» in Aspect-oriented Programming) • Composition with legacy systems (e.g., «Aspect weaving»)• Security (e.g., control access, encryption) can be considered as another concern • Thus composed with other concerns (e.g., persistence standard, behavioral) • Compliant with concern reasoning approaches • E.g, interaction detection mechanisms 21
  • 22. • Security can be considered as a crosscutting concern?• Security involves services?• Security have a high-level support?• Several works propose the derivation of security models from Business Processes Models (BPMN, BPEL and SOA models) 22
  • 23. • Security Control Access through RBAC – XACML • RBAC: Role Based Control Access (Model) • XACML (eXtensible Access Control Markup Language): OASIS Standard • XACML 2.0 - 3.0 define a profile for RBAC support in order to bind RBAC practical solutions in web services environments. • RBAC is supported in high level abstraction models by SecureUML metamodel and Model Driven Security.• Encryption using RSA X.509 • Services implemented by existing frameworks 23
  • 24. SecureUML MetamodelFrom [Basin, Doser and Lodderstedt, 2006] 24
  • 25. XACML Model (I)Adapted from http://docs.oasis-open.org/xacml/2.0/XACML-2.0-OS-ALL.zip 25
  • 26. XACML Model (II) 26General XACML Architecture. Source [Breu, Popp and Alam, 2007]
  • 27. Our proposalPrinciples derived from the AOSD and MDD provide a highdegree of flexibility: AOSD can be applied to identifycommon concerns, visualizing scenarios where they can beapplied throughout the business process that is automatedin a workflow. The business process models can beadapted to meet new requirements. Further changes toprocess models can be applied immediately to adjustbusiness processes. 27
  • 28. Our proposal• To derive ADORE fragments for XACML process and RSA X.509 desencryption process. • Fragments application independent.• To support the semantic context of ADORE fragments through its integration with Theme/UML approach • Bind through ADORE• To use concepts of software visualization for identifying and managing the complexity of new ADORE fragments for CCCms 28
  • 29. Integration with Theme/UML• Such as was exposed with the XACML standard, a quality attribute could contain a set of associated services and structures or specific dimensions, as hardware/software technologies that support security operations.• Other types of concerns address specifications of dimension, e.g., if a business process model must consider the managing of business rules, the fragment o fragment set must consider specific operations over a business rule engine.• It is evident the use of information of the modeled context expressed as variables that are introduced directly in the formulation of an ADORE fragment. According with the ADORE method the knowledge of context mapped in the fragments is associated exclusively to the description of the selected process. 29
  • 30. Example of information of context in an ADORE fragment 30
  • 31. Integration with Theme/UML• With the purpose of supporting the definition of ADORE fragments from quality attributes whose behaviors are generic respect to the behaviors that belongs to a business process workflow, we decided to use a subset of the diagrams of the modeling phase established in the Model-Driven Theme/UML process development to show the mapping of the information of the context of the quality attribute towards the ADORE fragment.• The context is defined in terms of the features specified for the system, the set of standards that govern the application and the invocation of underlying services, as the XACML standard for this case. 31
  • 32. General proposal of ThemeUML/ADORE Integration 32
  • 33. Use of ThemeUML in the formulation of XACML ADORE fragment 33
  • 34. Bind by Endogenous Composition of Concerns 34
  • 35. Composition leads to Iterative Process Modeling 35
  • 36. Weaving• XACML application independent fragment (blue)• retrieveVictimHistory dependent fragment (green)• execRescueMission orchestration (white) 36
  • 37. Desencryption fragment 37
  • 38. Weaving• XACML application independent fragment (blue)• Desencrypt application independent fragment (pink)• retrieveVictimHistory dependent fragment (green)• execRescueMission orchestration (white) 38
  • 39. Visualization• The goal of visualization is the extension of cognition or acquisition and/or use of knowledge [Teyseyre and Campo, 2009].• ADORE allows to extract information from the internal representation of business processes, so it is possible to generate information related to the structure and metrics of business processes• The principle of separation of concerns in the context of business process workflows derive implicitly the presence of complexity as an important factor to consider in the tasks of maintainability, understandability and accuracy of measurement of a business process.• From work of [Mosser, Bergel and Blay-Fornarino, 2010] we adapt it for exposing the "new" independent application fragments (security) in order to manage the complexity of the global CCCMs fragments including new generated fragments. 39
  • 40. Configuration filegenerated byADORE 40
  • 41. Complexity of fragments and orchestrations of CCCms includingformulated security fragments 41
  • 42. Activities of connection between the fragments and orchestrationsof CCCms, including formulated security fragments 42
  • 43. Content1. Context2. The ADORE Method3. Case study4. Problem: Security & Business Processes5. Our proposal6. Conclusions, Further Works and Results7. Questions 43
  • 44. • Integration of MDD and ASOD principles to establish at a model level, mechanisms of adaptation of business process workflows, in order to incorporate security constraints based on access control defined by the RBAC model and the XACML standard.• Final process designed through the composition of smaller artifacts • XACML security fragments are «process independent» • Thus can be reused in other business processes workflows • Approach applied successfully to the complete CCCms 44
  • 45. • Achievements • XACML policies implemented as reusable process fragments • Approach applied to a concrete and complex case study• Work in progress • Final process «optimization» (e.g., merge redundant activities) • Application to other case studies (information broadcasting) 45
  • 46. • Further works • Conclusions about the ADORE method • Comparison of this work with BPEL4RBAC, AO4BPEL and AO4BPMN proposals • Use of ADORE by quality attributes experts • Standardization of behaviors derived from quality attributes in ADORE 46
  • 47. • Fáber D. Giraldo, Mireille Blay-Fornarino, Sébastien Mosser. "Introducing Security Access Control Policies into Legacy Business Processes”. Proceedings of the Fifteenth International Enterprise Distributed Object Computing Conference (EDOC11), IEEE, Helsinki, Finland, 29 august - 02 September 2011. Available in http://hal.archives- ouvertes.fr/docs/00/59/48/45/PDF/edoc_2011.pdf and http://ieeexplore.ieee.org/xpl/articleDetails.jsp?reload=true&ar number=6037600&contentType=Conference+Publications• Fáber D. Giraldo and Raquel Anaya. “Integrating non-functional security services in ADORE using multiple views modeling approaches”. XXXVIII Latin American Conference on Informatics (CLEI 2012), Latin American Symposium in Software Engineering. IEEExplorer coming soon! 47
  • 48. Contact• fdgiraldo@uniquindio.edu.co• fdgiraldo• @fdgiraldo More Information in CVLac & GrupLac• http://www.linkedin.com/profile/view?id=144790141&trk=tab_pro• http://www.slideshare.net/fdgiraldo/
  • 49. Thank You for Your Attention ! fdgiraldo@uniquindio.edu.co 49

×