190 research outputs found
Possibilistic Information Flow Control for Workflow Management Systems
In workflows and business processes, there are often security requirements on
both the data, i.e. confidentiality and integrity, and the process, e.g.
separation of duty. Graphical notations exist for specifying both workflows and
associated security requirements. We present an approach for formally verifying
that a workflow satisfies such security requirements. For this purpose, we
define the semantics of a workflow as a state-event system and formalise
security properties in a trace-based way, i.e. on an abstract level without
depending on details of enforcement mechanisms such as Role-Based Access
Control (RBAC). This formal model then allows us to build upon well-known
verification techniques for information flow control. We describe how a
compositional verification methodology for possibilistic information flow can
be adapted to verify that a specification of a distributed workflow management
system satisfies security requirements on both data and processes.Comment: In Proceedings GraMSec 2014, arXiv:1404.163
Analysis and Verification of Service Interaction Protocols - A Brief Survey
Modeling and analysis of interactions among services is a crucial issue in
Service-Oriented Computing. Composing Web services is a complicated task which
requires techniques and tools to verify that the new system will behave
correctly. In this paper, we first overview some formal models proposed in the
literature to describe services. Second, we give a brief survey of verification
techniques that can be used to analyse services and their interaction. Last, we
focus on the realizability and conformance of choreographies.Comment: In Proceedings TAV-WEB 2010, arXiv:1009.330
Rigorous Development of Composite Grid Services
CRESS (Communication Representation Employing Systematic Specification) is introduced as notation, a methodology and a toolset for service development. The article focuses on rigorous development of composite grid services, with particular emphasis on the principles behind the methodology. A straightforward graphical notation is used to describe grid services. These are then automatically specified, analysed and implemented. Analysis includes formal verification of desirable service properties, formal validation of test scenarios, testing of implementation functionality, and evaluation of implementation performance. The case study that illustrates the approach is document content analysis to compare two pieces of text. This involves two composite services supported by two partner services. The usability of the service design notation is assessed, and a comparison is made of the approach with similar ones. These show that the CRESS approach to developing services is usable and more complete than other comparable approaches
Distribution pattern-driven development of service architectures
Distributed systems are being constructed by composing a number of discrete components. This practice is particularly prevalent within the Web service domain in the form of service process orchestration and choreography. Often, enterprise systems are built from many existing discrete applications such as legacy applications exposed using Web service interfaces. There are a number of architectural configurations or distribution patterns, which express how a composed system is to be deployed in a distributed environment. However, the amount of code
required to realise these distribution patterns is considerable. In this paper, we propose a distribution
pattern-driven approach to service composition and architecting. We develop, based on a catalog of patterns, a UML-compliant framework, which takes existing Web service interfaces as its input and generates executable Web service compositions based on a distribution pattern chosen by the software architect
Modelling the behaviour of management operations in cloud-based applications
How to flexibly manage complex applications over heterogeneous clouds is one of the emerging problems in the cloud era. The OASIS Topology and Orchestration Specification for Cloud Applications (TOSCA) aims at solving this problem by providing a language to describe and manage complex cloud applications in a portable, vendoragnostic way. TOSCA permits to define an application as an orchestration of nodes, whose types can specify states, requirements, capabilities and management operations — but not how they interact each another.
In this paper we first propose how to extend TOSCA to specify the behaviour of management operations and their relations with states, requirements, and capabilities. We then illustrate how such behaviour can be naturally modelled, in a compositional way, by means of open Petri nets. The proposed modelling permits to automate different analyses, such as determining whether a deployment plan is valid, which are its effects, or which plans allow to reach certain system configurations
VISUAL PPINOT: A Graphical Notation for Process Performance Indicators
Process performance indicators (PPIs) allow the
quantitative evaluation of business processes, providing
essential information for decision making. It is common
practice today that business processes and PPIs are usually
modelled separately using graphical notations for the former
and natural language for the latter. This approach
makes PPI definitions simple to read and write, but it
hinders maintenance consistency between business processes
and PPIs. It also requires their manual translation
into lower-level implementation languages for their operationalisation,
which is a time-consuming, error-prone task
because of the ambiguities inherent to natural language
definitions. In this article, VISUAL PPINOT, a graphical
notation for defining PPIs together with business process
models, is presented. Its underlying formal metamodel
allows the automated processing of PPIs. Furthermore, it
improves current state-of-the-art proposals in terms of
expressiveness and in terms of providing an explicit visualisation
of the link between PPIs and business processes,
which avoids inconsistencies and promotes their co-evolution.
The reference implementation, developed as a
complete tool suite, has allowed its validation in a multiple-
case study, in which five dimensions of VISUAL PPINOT
were studied: expressiveness, precision, automation,
understandability, and traceability.Comisión Interministerial de Ciencia y Tecnología TIN2015-70560-RJunta de Andalucía P12-TIC-186
VISUAL PPINOT: A Graphical Notation for Process Performance Indicators
Process performance indicators (PPIs) allow the quantitative evaluation of business processes, providing essential information for decision making. It is common practice today that business processes and PPIs are usually modelled separately using graphical notations for the former and natural language for the latter. This approach makes PPI definitions simple to read and write, but it hinders maintenance consistency between business processes and PPIs. It also requires their manual translation into lower-level implementation languages for their operationalisation, which is a time-consuming, error-prone task because of the ambiguities inherent to natural language definitions. In this article, Visual ppinot, a graphical notation for defining PPIs together with business process models, is presented. Its underlying formal metamodel allows the automated processing of PPIs. Furthermore, it improves current state-of-the-art proposals in terms of expressiveness and in terms of providing an explicit visualisation of the link between PPIs and business processes, which avoids inconsistencies and promotes their co-evolution. The reference implementation, developed as a complete tool suite, has allowed its validation in a multiple-case study, in which five dimensions of Visual ppinot were studied: expressiveness, precision, automation, understandability, and traceability
- …