An XML-based continuous auditing web services model -An Implementation Study

The concepts of continuous auditing are now more than two decades old, many researchers have issued differ continuous audit system model for applying over internet technology. A continuous audit is an assurance service where the time between the occurrence of events underlying a particular subject matter and the issuance of an auditor‘s opinion on the fairness of a client‘s representation of the subject matter is eliminated. The auditor offer restricted views provided by the continuous audit web services (CAWS) routines on a fee basis to analysts, investors, financial institutions, and other parties interested in obtaining continuous audit (CA) of business performance or other audit objects of interest. In our study proposed not only discuss with how to ensure the integrity and effectiveness of the entire data collection system but also implement the XML web services to enterprise applied for correctness and usefulness well-known the CAWS model. The CAWS design and demonstrate an implementation of continuous audit with the internal auditor data verify for compliance CA domain. The demonstrated CAWS model uses data retrieval layer, data analysis layer and data presentation layer over the internet to continuously monitor by the audit department. The article concludes with suggestion for future research and our implemented experiences

A generic debug interface for IP-integrated assertions

Der Entwurf von Hardware/Software Systemen ist auf eine solide Verifikationsmethodik angewiesen, die den ganzen Design Flow durchzieht. Viele Konzepte haben eine Erhöhung des Abstraktionsniveaus bei der Entwurfseingabe gemeinsam, wobei der modell-basierte Hardware-Entwurf einen vielversprechenden und sich verbreitenenden Ansatz darstellt. Assertion basierte Verifikation ermöglicht dem Entwickler die Spezifikation von Eigenschaften des Entwurfes und die Aufdeckung von Fällen, in denen diese verletzt werden. Während Assertions in Entwurfs- und Simulationsstadien weit verbreitet sind, ist der Ansatz, diese mit auf dem integrierten Schaltkreis (IC) zu fertigen, neuartig. In dieser Diplomarbeit soll ein von Infineon Technologies entwickeltes, auf UML basierendes Datenmodell, welches zur Erfassung von Entwurfsspezifikation und zur automatischen Code-Generierung genutzt wird dahingehend erweitert werden, die Beschreibung für im IC integrierte Assertions zu ermöglichen. Für diese Zwecke wird ein abstraktes Datenmodell beschrieben werden. Das Assertion Interface soll die spezifikationsgetreue Modellintegration gewährleisten, sowie IC interne Assertionresultate dem umgebenen System über das Interface zugänglich machen und damit zum Debugging während der Laufzeit ermöglichen. Ferner werden die Codegenerierungs Templates erläutert und einBeispielsystem eingeführt, um die beschriebenden Konzepte zu validieren.Nowadays electronic systems design requires fast time to market and solid verification throughout the entire design flow. Many concepts have been researched to raise the level of abstraction during the design entry phase, whereas model-based design is the most promising one. Assertion-based verification enables the developer to specify properties of the design and to get report if these are violated. Assertions are common during development and simulation of electronic products but often are not included in the final silicon. In this thesis an UML-based model defined at Infineon Technologies for capturing design specification information and to generate code automatically using templates, will be extended to allow the description of an abstract debuggable assertion interface for silicon assertions. With help of the assertion interface it shall be possible to verify the correct module integration and to monitor IP-internal assertion checker results. Besides, the code-generation templates for the assertion interface model will be described. To demonstrate the usability of the developed concepts an example system will be introduced to validate the approach.Ilmenau, Techn. Univ., Diplomarbeit, 200

Model-Driven Development of Aspect-Oriented Software Architectures

The work presented in this thesis of master is an approach that takes advantage of the Model-Driven Development approach for developing aspect-oriented software architectures. A complete MDD support for the PRISMA approach is defined by providing code generation, verification and reusability properties.Pérez Benedí, J. (2007). Model-Driven Development of Aspect-Oriented Software Architectures. http://hdl.handle.net/10251/12451Archivo delegad

SAVCBS 2005 Proceedings: Specification and Verification of Component-Based Systems

This workshop is concerned with how formal (i.e., mathematical) techniques can be or should be used to establish a suitable foundation for the specification and verification of component-based systems. Component-based systems are a growing concern for the software engineering community. Specification and reasoning techniques are urgently needed to permit composition of systems from components. Component-based specification and verification is also vital for scaling advanced verification techniques such as extended static analysis and model checking to the size of real systems. The workshop will consider formalization of both functional and non-functional behavior, such as performance or reliability. This workshop brings together researchers and practitioners in the areas of component-based software and formal methods to address the open problems in modular specification and verification of systems composed from components. We are interested in bridging the gap between principles and practice. The intent of bringing participants together at the workshop is to help form a community-oriented understanding of the relevant research problems and help steer formal methods research in a direction that will address the problems of component-based systems. For example, researchers in formal methods have only recently begun to study principles of object-oriented software specification and verification, but do not yet have a good handle on how inheritance can be exploited in specification and verification. Other issues are also important in the practice of component-based systems, such as concurrency, mechanization and scalability, performance (time and space), reusability, and understandability. The aim is to brainstorm about these and related topics to understand both the problems involved and how formal techniques may be useful in solving them

Owning your data through Self-Sovereign Identity: agents implementation for Verifiable Credentials interaction

Nowadays, most of our data is owned by private companies, and everyone knows everything about us because privacy online is not well preserved. Imagining a world different from this is difficult, but things can change thanks to Self-Sovereign Identity (SSI). SSI approach aims to bring credentials back to the actual owners, the people. This is possible through cryptography and secure authentication layers (e.g., OAuth, OpenIDConnect). The developed product embraces this philosophy and offers a solution where the users are the holders, issuers, or verifiers of Verifiable Credentials (VCs). Specifically, will be developed software agents who create, issue, verify, modify or even revoke the credentials, leveraging an SSI Kit. In this thesis, we propose a methodology to merge SSI off-chain (i.e., outside the blockchain) operations with on-chain smart contracts. In particular, the job has been divided into three macro stages: firstly, has been done a deep dive into the SSI technology, studying all of its primitives and analyzing the problem; secondly, has been developed a Software Development Kit (SDK), which enabled us to dialog with an SSI Kit (off-chain logic); in the meantime, my friend and co-worker Matteo Midena developed the smart contracts (on-chain logic); finally, off-chain and on-chain solutions has been merged into a proof of concept web application. One of the final features is that the verifier (who inspects the validity of the credentials) can reflect on-chain the off-chain verification results, saving time for the following examinations. Improvements and additional features are needed to complete the software, but this constitutes a good baseline for future works.Nowadays, most of our data is owned by private companies, and everyone knows everything about us because privacy online is not well preserved. Imagining a world different from this is difficult, but things can change thanks to Self-Sovereign Identity (SSI). SSI approach aims to bring credentials back to the actual owners, the people. This is possible through cryptography and secure authentication layers (e.g., OAuth, OpenIDConnect). The developed product embraces this philosophy and offers a solution where the users are the holders, issuers, or verifiers of Verifiable Credentials (VCs). Specifically, will be developed software agents who create, issue, verify, modify or even revoke the credentials, leveraging an SSI Kit. In this thesis, we propose a methodology to merge SSI off-chain (i.e., outside the blockchain) operations with on-chain smart contracts. In particular, the job has been divided into three macro stages: firstly, has been done a deep dive into the SSI technology, studying all of its primitives and analyzing the problem; secondly, has been developed a Software Development Kit (SDK), which enabled us to dialog with an SSI Kit (off-chain logic); in the meantime, my friend and co-worker Matteo Midena developed the smart contracts (on-chain logic); finally, off-chain and on-chain solutions has been merged into a proof of concept web application. One of the final features is that the verifier (who inspects the validity of the credentials) can reflect on-chain the off-chain verification results, saving time for the following examinations. Improvements and additional features are needed to complete the software, but this constitutes a good baseline for future works

Towards an aspect weaving BPEL engine

This position paper proposes the use of dynamic aspects and the visitor design pattern to obtain a highly configurable and extensible BPEL engine. Using these two techniques, the core of this infrastructural software can be customised to meet new requirements and add features such as debugging, execution monitoring, or changing to another Web Service selection policy. Additionally, it can easily be extended to cope with customer-specific BPEL extensions. We propose the use of dynamic aspects not only on the engine itself but also on the workflow in order to tackle the problems of Web Service hot deployment and hot fixes to long running processes. In this way, composing aWeb Service "on-the-fly" means weaving its choreography interface into the workflow