459 research outputs found
Possibilistic Information Flow Control for Workflow Management Systems
In workflows and business processes, there are often security requirements on
both the data, i.e. confidentiality and integrity, and the process, e.g.
separation of duty. Graphical notations exist for specifying both workflows and
associated security requirements. We present an approach for formally verifying
that a workflow satisfies such security requirements. For this purpose, we
define the semantics of a workflow as a state-event system and formalise
security properties in a trace-based way, i.e. on an abstract level without
depending on details of enforcement mechanisms such as Role-Based Access
Control (RBAC). This formal model then allows us to build upon well-known
verification techniques for information flow control. We describe how a
compositional verification methodology for possibilistic information flow can
be adapted to verify that a specification of a distributed workflow management
system satisfies security requirements on both data and processes.
Comment: In Proceedings GraMSec 2014, arXiv:1404.163
A model-driven method for the systematic literature review of qualitative empirical research
This paper explores a model-driven method for systematic literature reviews (SLRs), for use where the empirical studies found in the literature search are based on qualitative research. SLRs are an important component of the evidence-based practice (EBP) paradigm, which is receiving increasing attention in information systems (IS) but has not yet been widely adopted. We illustrate the model-driven approach to SLRs via an example focused on the use of BPMN (Business Process Modelling Notation) in organizations. We discuss in detail the process followed in using the model-driven SLR method, and show how it is based on a hermeneutic cycle of reading and interpreting, in order to develop and refine a model which synthesizes the research findings of previous qualitative studies. This study can serve as an exemplar for other researchers wishing to carry out model-driven SLRs. We conclude with our reflections on the method and some suggestions for further researc
A Model-Driven Method for the Systematic Literature Review of Qualitative Empirical Research
This paper explores a new model-driven method for systematic literature reviews (SLRs), for use where the empirical studies found in the literature search are based on qualitative research. SLRs are an important component of the evidence-based practice (EBP) paradigm, which is receiving increasing attention in information systems (IS) but has not yet been widely adopted. We illustrate the model-driven approach to SLRs via an example focused on the use of BPMN (Business Process Modelling Notation) in organizations. We discuss in detail the process followed in using the model-driven SLR method, and show how it is based on a hermeneutic cycle of reading and interpreting, in order to develop and refine a model which synthesizes the research findings of qualitative studies. This study can serve as an exemplar for other researchers wishing to carry out model-driven SLRs. We conclude with our reflections on the method and some suggestions for further research
Distributed Enforcement of Service Choreographies
Modern service-oriented systems are often built by reusing, and composing
together, existing services distributed over the Internet. Service choreography
is a possible form of service composition whose goal is to specify the
interactions among participant services from a global perspective. In this
paper, we formalize a method for the distributed and automated enforcement of
service choreographies, and prove its correctness with respect to the
realization of the specified choreography. The formalized method is implemented
as part of a model-based tool chain released to support the development of
choreography-based systems within the EU CHOReOS project. We illustrate our
method at work on a distributed social proximity network scenario.
Comment: In Proceedings FOCLASA 2014, arXiv:1502.0315
VERTO: a visual notation for declarative process models
Declarative approaches to business process modeling make it possible to represent loosely-structured
(declarative) processes in flexible scenarios as a set of constraints on the allowed flow of
activities. However, current graphical notations for declarative processes are difficult to
interpret. As a consequence, this has affected widespread usage of such notations, by
increasing the dependency on experts to understand their semantics. In this paper, we
tackle this issue by introducing a novel visual declarative notation targeted to a more
understandable modeling of declarative processes
Kickstarting Choreographic Programming
We present an overview of some recent efforts aimed at the development of
Choreographic Programming, a programming paradigm for the production of
concurrent software that is guaranteed to be correct by construction from
global descriptions of communication behaviour
Distribution pattern-driven development of service architectures
Distributed systems are being constructed by composing a number of discrete components. This practice is particularly prevalent within the Web service domain in the form of service process orchestration and choreography. Often, enterprise systems are built from many existing discrete applications such as legacy applications exposed using Web service interfaces. There are a number of architectural configurations or distribution patterns, which express how a composed system is to be deployed in a distributed environment. However, the amount of code required to realise these distribution patterns is considerable. In this paper, we propose a distribution pattern-driven approach to service composition and architecting. We develop, based on a catalog of patterns, a UML-compliant framework, which takes existing Web service interfaces as its input and generates executable Web service compositions based on a distribution pattern chosen by the software architect
Algebraic Reasoning About Timeliness
Designing distributed systems to have predictable performance under high load
is difficult because of resource exhaustion, non-linearity, and stochastic
behaviour. Timeliness, i.e., delivering results within defined time bounds, is
a central aspect of predictable performance. In this paper, we focus on
timeliness using the DELTA-Q Systems Development paradigm (DELTA-QSD, developed
by PNSol), which computes timeliness by modelling systems observationally using
so-called outcome expressions. An outcome expression is a compositional
definition of a system's observed behaviour in terms of its basic operations.
Given the behaviour of the basic operations, DELTA-QSD efficiently computes the
stochastic behaviour of the whole system including its timeliness.
This paper formally proves useful algebraic properties of outcome expressions
w.r.t. timeliness. We prove the different algebraic structures the set of
outcome expressions forms with the different DELTA-QSD operators and demonstrate
why those operators do not form richer structures. We prove or disprove the set
of all possible distributivity results on outcome expressions. On our way to
disproving 8 of those distributivity results, we develop a technique called
properisation, which gives rise to the first body of maths for improper random
variables. Finally, we also prove 14 equivalences that have been used in the
past in the practice of DELTA-QSD.
An immediate benefit is rewrite rules that can be used for design exploration
under established timeliness equivalence. This work is part of an ongoing
project to disseminate and build tool support for DELTA-QSD. The ability to
rewrite outcome expressions is essential for efficient tool support.
Comment: In Proceedings ICE 2023, arXiv:2308.0892