13 research outputs found
Development of service-oriented architectures using model-driven development : a mapping study
Context: Model-Driven Development (MDD) and Service-Oriented Architecture (SOA) are two challenging research areas in software engineering. MDD is about improving software development whilst SOA is a service-based conceptual development style, therefore investigating the available proposals in the literature to use MDD when developing SOA may be insightful. However, no studies have been found with this purpose. Objective: This work aims at assessing the state of the art in MDD for SOA systems. It mainly focuses on: what are the characteristics of MDD approaches that support SOA; what types of SOA are supported; how do they handle non-functional requirements. Method: We conducted a mapping study following a rigorous protocol. We identified the representative set of venues that should be included in the study. We applied a search string over the set of selected venues. As result, 129 papers were selected and analysed (both frequency analysis and correlation analysis) with respect to the defined classification criteria derived from the research questions. Threats to validity were identified and mitigated whenever possible. Results: The analysis allows us to answer the research questions. We highlight: (1) predominance of papers from Europe and written by researchers only; (2) predominance of top-down transformation in software development activities; (3) inexistence of consolidated methods; (4) significant percentage of works without tool support; (5) SOA systems and service compositions more targeted than single services and SOA enterprise systems; (6) limited use of metamodels; (7) very limited use of NFRs; and (8) limited application in real cases. Conclusion: This mapping study does not just provide the state of the art in the topic, but also identifies several issues that deserve investigation in the future, for instance the need of methods for activities other than software development (e.g., migration) or the need of conducting more real case studies.Peer ReviewedPostprint (author's final draft
Automatic tactical network node configuration with XML and SNMP, Journal of Telecommunications and Information Technology, 2008, nr 2
In the paper, we describe a "plug-and-play" configuration of nodes of a tactical network on the basis of XML configuration templates and a network plan, developed during the network planning process. We present the concept of a configuration repository, an XML-based database that stores network structure and configuration data, and describe how the Simple Network Management Protocol is used to apply the settings to network devices. We also comment on a possible use of the next-generation NETCONF protocol for such a task
UML-SOA-Sec and Saleem's MDS Services Composition Framework for Secure Business Process Modelling of Services Oriented Applications
In Service Oriented Architecture (SOA) environment, a software application is a
composition of services, which are scattered across enterprises and architectures.
Security plays a vital role during the design, development and operation of SOA
applications. However, analysis of today's software development approaches reveals
that the engineering of security into the system design is often neglected. Security is
incorporated in an ad-hoc manner or integrated during the applications development
phase or administration phase or out sourced. SOA security is cross-domain and all of
the required information is not available at downstream phases. The post-hoc, low-level
integration of security has a negative impact on the resulting SOA applications. General
purpose modeling languages like Unified Modeling Language (UML) are used for
designing the software system; however, these languages lack the knowledge of the
specific domain and "security" is one of the essential domains. A Domain Specific
Language (DSL), named the "UML-SOA-Sec" is proposed to facilitate the modeling of
security objectives along the business process modeling of SOA applications.
Furthermore, Saleem's MDS (Model Driven Security) services composition framework
is proposed for the development of a secure web service composition
UML-SOA-Sec and Saleemâs MDS Services Composition Framework for Secure Business Process Modelling of Services Oriented Applications
In Service Oriented Architecture (SOA) environment, a software application is a
composition of services, which are scattered across enterprises and architectures.
Security plays a vital role during the design, development and operation of SOA
applications. However, analysis of todayâs software development approaches reveals
that the engineering of security into the system design is often neglected. Security is
incorporated in an ad-hoc manner or integrated during the applications development
phase or administration phase or out sourced. SOA security is cross-domain and all of
the required information is not available at downstream phases. The post-hoc, low-level
integration of security has a negative impact on the resulting SOA applications. General
purpose modeling languages like Unified Modeling Language (UML) are used for
designing the software system; however, these languages lack the knowledge of the
specific domain and âsecurityâ is one of the essential domains. A Domain Specific
Language (DSL), named the âUML-SOA-Secâ is proposed to facilitate the modeling of
security objectives along the business process modeling of SOA applications.
Furthermore, Saleemâs MDS (Model Driven Security) services composition framework
is proposed for the development of a secure web service composition
A Privacy-Aware Access Control Model for Distributed Network Monitoring
International audienceIn this paper, we introduce a new access control model that aims at addressing the privacy implications surrounding network monitoring. In fact, despite its importance, network monitoring is natively leakage-prone and, moreover, this is exacerbated due to the complexity of the highly dynamic monitoring procedures and infrastructures, that may include multiple traffic observation points, distributed mitigation mechanisms and even inter-operator cooperation. Conceived on the basis of data protection legislation, the proposed approach is grounded on a rich in expressiveness information model, that captures all the underlying monitoring concepts along with their associations. The model enables the specification of contextual authorisation policies and expressive separation and binding of duty constraints. Finally, two key innovations of our work consist in the ability to define access control rules at any level of abstraction and in enabling a verification procedure, which results in inherently privacy-aware workflows, thus fostering the realisation of the Privacy by Design vision