Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

Workflows adaptations for security management through MDD and Aspects


Published on

Published in: Education
  • Be the first to comment

Workflows adaptations for security management through MDD and Aspects

  1. 1. Workflows adaptations forsecurity management through MDD and Aspects Fáber D. Giraldo Armenia, October 12 2012 1
  2. 2. Acknowledgments• Dr. Raquel Anaya and Pr. Luís Fernando Londoño (EAFIT University)• Mireille Blay-Fornarino (University of Nice-Sophia Antipolis, France)• Sébastien Mosser (University of Lille I, France)• Sergio Ochoa and Alexandre Bergel (University of Chile) 2
  3. 3. Content1. Context2. The ADORE Method3. Case study4. Problem: Security & Business Processes5. Our proposal6. Conclusions, Further works and Results7. Questions 3
  4. 4. Context• Separation of Concerns• Workflows of Business Processes.• MDD• AOSD• Security based on Services• Workflows adaptations based on security 4
  5. 5. Goals of this workThe main goal of this proposal is to establish theincorporation in design time, of adaptation mechanismson workflows in order to consider security restrictions ondata and control structures that are part of a workflow, byusing model driven and aspects approaches. 5
  6. 6. Research questions• Which is the way to apply and/or enrich the ADORE method in order to consider security based on standards?• Which is the contribution of modeling languages based on UML for representing, at high abstraction level, the security as an aspect and the interventions of it over the core functionality?• Which is the importance of the visualization mechanism for analyzing the complexity of the security adaptation proposed? 6
  7. 7. Content1. Context2. The ADORE Method3. Case study4. Problem: Security & Business Processes5. Our proposal6. Conclusions, Further works and Results7. Questions 7
  8. 8. The ADORE Method• «Activity moDel to suppOrt oRchestration Evolution» [TAOSD’10]• Consider concerns as «process fragments» to be composed with existing processes• Support fragment composition through different (endogenous) algorithms• Algorithms ensure compositional properties • E.g., order preservation 8
  9. 9. ExamplesCCCms security requirement CCCms functional requirement 9
  10. 10. Examples 10
  11. 11. • More info about ADORE • • http://www.adore- • MODels to usAge of large scaLe InfraStructures 11
  12. 12. Content1. Context2. The ADORE Method3. Case study4. Problem: Security & Business Processes5. Our proposal6. Conclusions, Further works and Results7. Questions 12
  13. 13. The Case Study•Car Crash Crisis Management System: CCCms•Requirement documents specified in [Kienzle et al,2010] •Special issue of TAOSD, focusing on Aspect Oriented Modeling•Contents: •8 main success scenario •27 business extensions •3 non-functional properties Source: S. Mosser (2011) 13•How to handle a Car Crash accident?
  14. 14. Initial version Source [Mosser, Blay-Fornarino and France, 2010] 14
  15. 15. Final version It’s only for Capture Witness Report use case of CCCms…. Source [Mosser, Blay-Fornarino and France, 2010] 15
  16. 16. Content1. Context2. The ADORE Method3. Case study4. Problem: Security & Business Processes5. Our proposal6. Conclusions, Further works and Results7. Questions 16
  17. 17. • Model (business) behavior in a Service-Oriented Architecture • Think «activity diagram» in the UML • Think BPMN and BPEL ... • Think specific proposals based on several symbols… • As complex as the modeled business: no magic here (at least yet)• Security (and Quality Attributes) are often handled at the infrastructure level (e.g., WS-*)• But it clearly impacts modeled behaviors (e.g., «role- based access control»), as well as persistence, error handling, ... 17
  18. 18. • The use of SoC and aspects are extended to the treatment of quality attributes (as security and its derived implications, e.g., control access) so that business processes managed within a workflow consider additional features to functionality.• In most contemporary SOA practices focused on the separation of concerns, the properties related with quality attributes are specified and mapped in a set of services. • This strategy involves that developers and SOA architects must configure properly the quality attributes in a range of services (usually every quality attribute covers multiple services simultaneously). 18
  19. 19. • Unfortunately, UML, BPMN and BPEL do not support separation of concerns per se. [Wada, Suzuki and Oba, 2008] 19
  20. 20. Content1. Context2. The ADORE Method3. Case study4. Problem: Security & Business Processes5. Our proposal6. Conclusions, Further works and Results7. Questions 20
  21. 21. • Existing approaches deal with Separation of Concerns: • Concerns reification (e.g., «Aspects» in Aspect-oriented Programming) • Composition with legacy systems (e.g., «Aspect weaving»)• Security (e.g., control access, encryption) can be considered as another concern • Thus composed with other concerns (e.g., persistence standard, behavioral) • Compliant with concern reasoning approaches • E.g, interaction detection mechanisms 21
  22. 22. • Security can be considered as a crosscutting concern?• Security involves services?• Security have a high-level support?• Several works propose the derivation of security models from Business Processes Models (BPMN, BPEL and SOA models) 22
  23. 23. • Security Control Access through RBAC – XACML • RBAC: Role Based Control Access (Model) • XACML (eXtensible Access Control Markup Language): OASIS Standard • XACML 2.0 - 3.0 define a profile for RBAC support in order to bind RBAC practical solutions in web services environments. • RBAC is supported in high level abstraction models by SecureUML metamodel and Model Driven Security.• Encryption using RSA X.509 • Services implemented by existing frameworks 23
  24. 24. SecureUML MetamodelFrom [Basin, Doser and Lodderstedt, 2006] 24
  25. 25. XACML Model (I)Adapted from 25
  26. 26. XACML Model (II) 26General XACML Architecture. Source [Breu, Popp and Alam, 2007]
  27. 27. Our proposalPrinciples derived from the AOSD and MDD provide a highdegree of flexibility: AOSD can be applied to identifycommon concerns, visualizing scenarios where they can beapplied throughout the business process that is automatedin a workflow. The business process models can beadapted to meet new requirements. Further changes toprocess models can be applied immediately to adjustbusiness processes. 27
  28. 28. Our proposal• To derive ADORE fragments for XACML process and RSA X.509 desencryption process. • Fragments application independent.• To support the semantic context of ADORE fragments through its integration with Theme/UML approach • Bind through ADORE• To use concepts of software visualization for identifying and managing the complexity of new ADORE fragments for CCCms 28
  29. 29. Integration with Theme/UML• Such as was exposed with the XACML standard, a quality attribute could contain a set of associated services and structures or specific dimensions, as hardware/software technologies that support security operations.• Other types of concerns address specifications of dimension, e.g., if a business process model must consider the managing of business rules, the fragment o fragment set must consider specific operations over a business rule engine.• It is evident the use of information of the modeled context expressed as variables that are introduced directly in the formulation of an ADORE fragment. According with the ADORE method the knowledge of context mapped in the fragments is associated exclusively to the description of the selected process. 29
  30. 30. Example of information of context in an ADORE fragment 30
  31. 31. Integration with Theme/UML• With the purpose of supporting the definition of ADORE fragments from quality attributes whose behaviors are generic respect to the behaviors that belongs to a business process workflow, we decided to use a subset of the diagrams of the modeling phase established in the Model-Driven Theme/UML process development to show the mapping of the information of the context of the quality attribute towards the ADORE fragment.• The context is defined in terms of the features specified for the system, the set of standards that govern the application and the invocation of underlying services, as the XACML standard for this case. 31
  32. 32. General proposal of ThemeUML/ADORE Integration 32
  33. 33. Use of ThemeUML in the formulation of XACML ADORE fragment 33
  34. 34. Bind by Endogenous Composition of Concerns 34
  35. 35. Composition leads to Iterative Process Modeling 35
  36. 36. Weaving• XACML application independent fragment (blue)• retrieveVictimHistory dependent fragment (green)• execRescueMission orchestration (white) 36
  37. 37. Desencryption fragment 37
  38. 38. Weaving• XACML application independent fragment (blue)• Desencrypt application independent fragment (pink)• retrieveVictimHistory dependent fragment (green)• execRescueMission orchestration (white) 38
  39. 39. Visualization• The goal of visualization is the extension of cognition or acquisition and/or use of knowledge [Teyseyre and Campo, 2009].• ADORE allows to extract information from the internal representation of business processes, so it is possible to generate information related to the structure and metrics of business processes• The principle of separation of concerns in the context of business process workflows derive implicitly the presence of complexity as an important factor to consider in the tasks of maintainability, understandability and accuracy of measurement of a business process.• From work of [Mosser, Bergel and Blay-Fornarino, 2010] we adapt it for exposing the "new" independent application fragments (security) in order to manage the complexity of the global CCCMs fragments including new generated fragments. 39
  40. 40. Configuration filegenerated byADORE 40
  41. 41. Complexity of fragments and orchestrations of CCCms includingformulated security fragments 41
  42. 42. Activities of connection between the fragments and orchestrationsof CCCms, including formulated security fragments 42
  43. 43. Content1. Context2. The ADORE Method3. Case study4. Problem: Security & Business Processes5. Our proposal6. Conclusions, Further Works and Results7. Questions 43
  44. 44. • Integration of MDD and ASOD principles to establish at a model level, mechanisms of adaptation of business process workflows, in order to incorporate security constraints based on access control defined by the RBAC model and the XACML standard.• Final process designed through the composition of smaller artifacts • XACML security fragments are «process independent» • Thus can be reused in other business processes workflows • Approach applied successfully to the complete CCCms 44
  45. 45. • Achievements • XACML policies implemented as reusable process fragments • Approach applied to a concrete and complex case study• Work in progress • Final process «optimization» (e.g., merge redundant activities) • Application to other case studies (information broadcasting) 45
  46. 46. • Further works • Conclusions about the ADORE method • Comparison of this work with BPEL4RBAC, AO4BPEL and AO4BPMN proposals • Use of ADORE by quality attributes experts • Standardization of behaviors derived from quality attributes in ADORE 46
  47. 47. • Fáber D. Giraldo, Mireille Blay-Fornarino, Sébastien Mosser. "Introducing Security Access Control Policies into Legacy Business Processes”. Proceedings of the Fifteenth International Enterprise Distributed Object Computing Conference (EDOC11), IEEE, Helsinki, Finland, 29 august - 02 September 2011. Available in http://hal.archives- and number=6037600&contentType=Conference+Publications• Fáber D. Giraldo and Raquel Anaya. “Integrating non-functional security services in ADORE using multiple views modeling approaches”. XXXVIII Latin American Conference on Informatics (CLEI 2012), Latin American Symposium in Software Engineering. IEEExplorer coming soon! 47
  48. 48. Contact•• fdgiraldo• @fdgiraldo More Information in CVLac & GrupLac••
  49. 49. Thank You for Your Attention ! 49