Development of SOA-Based Software Systems - an Evolutionary Programming Approach

A software application has strong relationships with the business processes it supports. In the analysis phase those parts of the processes in which the software system is applied by its future users are analyzed. Taking an object-oriented approach, the Unified Modeling Language (UML) is often used to model the relevant aspects of the business processes. In the design phase these models must be manually mapped to the business layer of the software application. The Service-Oriented Architecture (SOA) offers a promising new approach: The business process is described in a programming language [1], i.e. a process language which can be automatically mapped to an execution language and executed by a process engine. This article shows how Programming in the Large can be practically applied in a software engineering process. The Business Process Model Notation (BPMN) is used as a process programming language. A BPMN description can be mapped to the widely accepted Business Process Execution Language (BPEL)

SOA-aware Authorization Control

The question how to handle authorization of digital identities in a service-oriented architecture (SOA) remains an open issue. In this paper we present a design pattern for the integration of legacy systems with SOA using out-of-the-box (unmodified) application servers and discuss how the architecture has to be extended by an Identity Management (IdM) infrastructure. We claim that the IdM infrastructure itself must be designed in a service-oriented way to fit into the overall SOA approach. We introduce a possibility how to decouple the policy enforcement point from the application server and propose an architectural design pattern to seamlessly integrate the SOAs business-related functionality and the IdM infrastructure. An implementation case study illustrates how to apply the invocation pattern for secured web services

Model-Driven Development of SOA Services

Service-oriented architectures (SOA) will form the basis of future information systems. Basic web services are being assembled to composite web services in order to directly support business processes. As some basic web services can be used in several composite web services, different business processes are influenced if for example a web service is unavailable or if its signature changes. Yet the range of such a change is often ambiguous due to a missing overall SOA service model pointing out the influence of services on business processes. In this paper we present a SOA service model defined as a UML-based metamodel and its integration into a model-driven service development approach. In contrary to existing approaches we explicitly address deployment issues

Interoperable Absicherung des Nachrichtenaustausches zwischen Webservices am Beispiel des Transcript of Records BPEL-Services

Das vorliegende Dokument stellt die Ergebnisse des im Rahmen einer WUSKAR-Fallstudie durchgeführten Team-Projektes vor. Der bereits vorhandene BPEL-Webservice Transcript of Records verarbeitet sensible Daten und soll daher abgesichert werden. Aufgrund der Heterogenität der zugrunde liegenden Systeme und unter Berücksichtigung zukünftiger, denkbarer Integrationsvorhaben wird zur Gewährleistung der Interoperabilität der Absicherungslösung der OASIS-Standard WS-Security eingesetzt. Als Vorleistung für die Absicherung werden die Basis-Webservices zunächst auf eine WS-Security-fähige Ausführungsplattform portiert