6 research outputs found
Ontology-based standards development: Application of OntoStanD to ebXML business process specification schema
Business-to-Business (B2B) interoperations are an important part of today's global economy. Business process standards are developed to provide a common understanding of the information shared between trading partners. These standards, however, mainly capture the syntax of the transactions and not their semantics. This paper proposes the use of ontologies as the basis for standards development and presents an ontology for the ebXML Business Process Specification Schema (ebBP) with the aim of empowering the capture and sharing of semantics embedded within B2B processes as well as enabling knowledge deduction and reasoning over the shared knowledge. The paper utilises the Ontology-based Standards Development methodology (OntoStanD) as a methodological approach for designing ontological models of standards. This research demonstrates how Semantic Web technologies can be utilised as a basis for standards development and representation in order to improve standards-based interoperability between trading partners
SECURITY POLICY ENFORCEMENT IN APPLICATION ENVIRONMENTS USING DISTRIBUTED SCRIPT-BASED CONTROL STRUCTURES
Business processes involving several partners in different organisations impose demanding
requirements on procedures for specification, execution and maintenance. A
framework referred to as business process management (BPM) has evolved for this purpose
over the last ten years. Other approaches, such as service-oriented architecture
(SOA) or the concept of virtual organisations (VOs), assist in the definition of architectures
and procedures for modelling and execution of so-called collaborative business
processes (CBPs).
Methods for the specification of business processes play a central role in this context,
and, several standards have emerged for this purpose. Among these, Web Services
Business Process Execution Language (WS-BPEL, usually abbreviated BPEL) has
evolved to become the de facto standard for business process definition. As such, this
language has been selected as the foundation for the research in this thesis.
Having a broadly accepted standard would principally allow the specification of
business processes in a platform-independent manner, including the capability to
specify them at one location and have them executed at others (possibly spread across
different organisations). Though technically feasible, this approach has significant
security implications, particularly on the side that is to execute a process.
The research project focused upon these security issues arising when business processes
are specified and executed in a distributed manner. The central goal has been the
development of methods to cope with the security issues arising when BPEL as a
standard is deployed in such a way exploiting the significant aspect of a standard to be
platform-independent
The research devised novel methods for specifying security policies in such a manner
that the assessment of compliance with these policies is greatly facilitated such that the
assessment becomes suited to be performed automatically. An analysis of the securityrelevant
semantics of BPEL as a specification language was conducted that resulted in
the identification of so-called security-relevant semantic patterns. Based on these
results, methods to specify security policy-implied restrictions in terms of such semantic
patterns and to assess the compliance of BPEL scripts with these policies have been
developed. These methods are particularly suited for assessment of remotely defined
BPEL scripts since they allow for pre-execution enforcement of local security policies
thereby mitigating or even removing the security implications involved in distributed
definition and execution of business processes.
As initially envisaged, these methods are comparatively easy to apply, as they are based
on technologies customary for practitioners in this field. The viability of the methods
proposed for automatic compliance assessment has been proven via a prototypic
implementation of the essential functionality required for proof-of-concept.Darmstadt Node of the NRG Network at University of Applied Sciences Darmstad
An Ontology for Internal and External Business Processes
In this paper we introduce our multi metamodel process ontology (m3po), which is based on various existing reference models and languages from the workflow and choreography domain. This ontology allows the extraction of arbitrary choreography interface descriptions from arbitrary internal workflow models. We also report on an initial validation: we translate an IBM Websphere MQ Workflow model into the m3po ontology and then extract an Abstract BPEL model from the ontology
An Ontology for Internal and External Business Processes ∗ ABSTRACT
In this paper we introduce our multi metamodel process ontology (m3po), which is based on various existing reference models and languages from the workflow and choreography domain. This ontology allows the extraction of arbitrary choreography interface descriptions from arbitrary internal workflow models. We also report on an initial validation: we translate an IBM Websphere MQ Workflow model into the m3po ontology and then extract an Abstract BPEL model from the ontology. Categories and Subject Descriptors: H.4.1 [Informatio