A service-oriented cloud modeling method and process

The transition of software development from web to cloud has been accelerated. The development of cloud services requires a modeling method that reflects the characteristics of cloud including personalized service, resource sharing service, grouped and distributed services, and cross-platform operability. This study aimed to suggest a method of developing UML-based cloud services suitable for the characteristics of cloud services. A cloud service metamodel was defined using cloud applications’ characteristic modeling elements, and after that, how these cloud modeling elements are expressed into UML modeling elements was defined with an integrated metamodel between cloud and UML. By applying this hierarchical cloud metamodel, an MDA and MVC-based service-oriented cloud modeling process was established. By doing so, it will be possible to easily design services (applications) and solutions that are suitable for cloud computing environments, and in particular, to create hierarchical reuse models by the level of the abstraction of model-driven development

Privacy Protection Framework with Defined Policies for Service-Oriented Architecture

Service-Oriented Architecture (SOA) is a computer systems design concept which aims to achieve reusability and integration in a distributed environment through the use of autonomous, loosely coupled, interoperable abstractions known as services. In order to interoperate, communication between services is very important due to their autonomous nature. This communication provides services with their functional strengths, but also creates the opportunity for the loss of privacy. In this paper, a Privacy Protection Framework for Service-Oriented Architecture (PPFSOA) is described. In this framework, a Privacy Service (PS) is used in combination with privacy policies to create privacy contracts that outline what can and cannot be done with a consumer’s personally identifiable information (PII). The privacy policy consists of one-to-many privacy rules, with each rule created from a set of six privacy elements: collector, what, purpose, retention, recipient and trust. The PS acts as an intermediary between the service consumer and service provider, to establish an unbiased contract before the two parties begin sending PII. It is shown how many Privacy Services work together to form the privacy protection framework. An examination of what current approaches to protecting privacy in an SOA environment is also presented. Finally, the operations the PS must perform in order to fulfill its tasks are outlined

Privacy Protection Framework for Service-Oriented Architecture

Service-Oriented Architecture (SOA) is a computer systems design concept which aims to achieve reusability and integration in a distributed environment through the use of autonomous, loosely coupled, interoperable abstractions known as services. In order to interoperate, communication between services is very important due to their autonomous nature. This communication provides services with their functional strengths, but also creates the opportunity for the loss of privacy. In this thesis, a Privacy Protection Framework for Service-Oriented Architecture (PPFSOA) is proposed. In this framework, a Privacy Service (PS) is used in combination with privacy policies to create privacy contracts that outline what can and cannot be done with a consumer’s personally identifiable information (PII). The privacy policy consists of one-to-many privacy rules, with each rule created from a set of six privacy elements: collector, what, purpose, retention, recipient and trust. These elements were carefully selected from a set of Fair Information Practices (FIP) which has been used as the basis for privacy legislation around the world. The PS plays the role of negotiator, comparing privacy policies to create privacy contracts and resolving any conflicts that arise during this process. The PS acts as an intermediary between the service consumer and service provider, to establish an unbiased contract before the two parties begin sending PII. An examination of what current approaches to protecting privacy in an SOA environment is also presented. Finally, a proof of concept is shown which demonstrates the behaviour of a functioning PS in multiple scenario

UML-SOA-Sec and Saleem's MDS Services Composition Framework for Secure Business Process Modelling of Services Oriented Applications

In Service Oriented Architecture (SOA) environment, a software application is a composition of services, which are scattered across enterprises and architectures. Security plays a vital role during the design, development and operation of SOA applications. However, analysis of today's software development approaches reveals that the engineering of security into the system design is often neglected. Security is incorporated in an ad-hoc manner or integrated during the applications development phase or administration phase or out sourced. SOA security is cross-domain and all of the required information is not available at downstream phases. The post-hoc, low-level integration of security has a negative impact on the resulting SOA applications. General purpose modeling languages like Unified Modeling Language (UML) are used for designing the software system; however, these languages lack the knowledge of the specific domain and "security" is one of the essential domains. A Domain Specific Language (DSL), named the "UML-SOA-Sec" is proposed to facilitate the modeling of security objectives along the business process modeling of SOA applications. Furthermore, Saleem's MDS (Model Driven Security) services composition framework is proposed for the development of a secure web service composition

A goal-oriented requirements modelling language for enterprise architecture

Methods for enterprise architecture, such as TOGAF, acknowledge the importance of requirements engineering in the development of enterprise architectures. Modelling support is needed to specify, document, communicate and reason about goals and requirements. Current modelling techniques for enterprise architecture focus on the products, services, processes and applications of an enterprise. In addition, techniques may be provided to describe structured requirements lists and use cases. Little support is available however for modelling the underlying motivation of enterprise architectures in terms of stakeholder concerns and the high-level goals that address these concerns. This paper describes a language that supports the modelling of this motivation. The definition of the language is based on existing work on high-level goal and requirements modelling and is aligned with an existing standard for enterprise modelling: the ArchiMate language. Furthermore, the paper illustrates how enterprise architecture can benefit from analysis techniques in the requirements domain

Reflective federation of enterprises in open service ecosystem

Peer reviewe

Optimal Web Service Selection Using UML Profile

Enterprises are more conscious of providing quality of services over the web for reasons of economy, reliability, interoperability and flexibility. Enterprise application relies on selection of the most appropriate service from several candidate services with similar capabilities provided by different service providers. The question is, on what basis the system chooses a service among several candidates. This paper proposes a model that makes an automatic selection of best service and detects the variance between the non-functional requirements of the users and service qualifications. In this paper, we describe our approach aimed to detect conflicts between user requirements and the service specifications of the service provider. Our work proposes to detect these conflicts using Ontology and UML profiles to achieve better performance and avoid unpredictable state of the system. We suggest use of UML extensions and domain Ontology to detect NFR conflicts between the client’s requirements and service specifications

Non-functional properties in the model-driven development of service-oriented systems

Systems based on the service-oriented architecture (SOA) principles have become an important cornerstone of the development of enterprise-scale software applications. They are characterized by separating functions into distinct software units, called services, which can be published, requested and dynamically combined in the production of business applications. Service-oriented systems (SOSs) promise high flexibility, improved maintainability, and simple re-use of functionality. Achieving these properties requires an understanding not only of the individual artifacts of the system but also their integration. In this context, non-functional aspects play an important role and should be analyzed and modeled as early as possible in the development cycle. In this paper, we discuss modeling of non-functional aspects of service-oriented systems, and the use of these models for analysis and deployment. Our contribution in this paper is threefold. First, we show how services and service compositions may be modeled in UML by using a profile for SOA (UML4SOA) and how non-functional properties of service-oriented systems can be represented using the non-functional extension of UML4SOA (UML4SOA-NFP) and the MARTE profile. This enables modeling of performance, security and reliable messaging. Second, we discuss formal analysis of models which respect this design, in particular we consider performance estimates and reliability analysis using the stochastically timed process algebra PEPA as the underlying analytical engine. Last but not least, our models are the source for the application of deployment mechanisms which comprise model-to-model and model-to-text transformations implemented in the framework VIATRA. All techniques presented in this work are illustrated by a running example from an eUniversity case study

Multi-tier agent architecture for open service ecosystems

Proceeding volume: Vol-918Peer reviewe