Design of an Integrated Role-Based Access Control Infrastructure for Adaptive Workflow Systems

With increasing numbers of organizations automating their business processes by using workflow systems, security aspects of workflow systems has become a heavily researched area. Also, most workflow processes nowadays need to be adaptive, i.e., constantly changing, to meet changing business conditions. However, little attention has been paid to integrating Security and Adaptive Workflow. In this paper, we investigate this important research topic, with emphasis on Role Based Access Control (RBAC) in Adaptive Workflow. Based on our earlier work on a 3-tier adaptive workflow architecture, we present the design of a similar 3-tier RBAC infrastructure, and we show that it conceptually mirrors our adaptive workflow architecture. We also describe the mappings between them, and we show how this mapping can be used to manage organizational RBAC constraints when the workflows are being adapted continuously. We illustrate our ideas throughout the paper with a simple yet non-trivial example

Business Artifacts for E-Business Interoperability

Traditional solutions to address interoperability issues are mainly process-centric so that consistent interactions among collaborating enterprises are ensured. These solutions examine interoperability from a technological perspective with focus on exchanging information messages between distributed and heterogeneous applications. However, interoperability from a business perspective has been overlooked in the past due to the complexity of reconciling diverse business strategies, organizational constraints, and IT infrastructures. Business interoperability denotes the ability of diverse enterprises to collaborate together to coproduce added-value products and services. In this chapter, a new line of thinking is promoted whereby interoperability is data-centric instead of process-centric. Business interoperability is dealt with by adopting business artifacts that are able to cross organizational boundaries, and by introducing a stack of three layers - strategy, service, and resource. Artifacts are self-contained business records that include attributes, states, and life cycles that reflect the changes in these states. The artifact concept not only describes a business entity, but also encompasses knowledge about what to process without explaining how to do it. The shift from processes to artifacts makes business interoperability quite simple\u27\u27 to deploy and renders collaboration easy to manage and analyze. The chapter also introduces several interaction patterns that regulate the exchange of artifacts between enterprises. The ideas and proposals in this chapter are discussed via a realistic case-study to demonstrate how business people can seamlessly manage their day-to-day activities and intuitively construct interoperable and sustainable collaborations at the business and technological levels

iiWAS - Towards Context-Based Tracking of Web Services Security.

With the increasing popularity of Web services and increasing complexity of users\u27 needs, there has been a renewed interest in Web services composition. However, composition faces a major obstacle, which is the content heterogeneity of the contexts featuring the component Web services of a composite service. An unawareness or poor consideration of this heterogeneity during Web services composition and execution definitely results in a lack of the quality and relevancy of information that is deemed appropriate for tracking the composition, monitoring the execution, and handling exceptions. An earlier paper had provided a 3-level approach for content reconciliation of Web services\u27 contexts using ontologies. This paper extends the 3-level approach by focusing on the security breaches that threaten the integrity of the context of Web services, and proposes appropriate means to achieve this integrity

Towards a Coordination Model for Web Services

The increasing popularity of Web services for application integration has strengthened the need for automated Web services composition. For this automation to succeed, the joint execution of Web services requires to be coordinated. Coordination\u27s main use is to solve conflicts between Web services. Conflicts could be on sharable resources, order dependencies, or communication delays. The proposed coordination model tackles these conflicts with three inter-connected blocks defined as conflict, exception, and management. Conflicts among Web services raise exceptions that are handled using appropriate mechanisms as part of the coordination model

Business Artifacts for E-Business Interoperability

Traditional solutions to address interoperability issues are mainly process-centric so that consistent interactions among collaborating enterprises are ensured. These solutions examine interoperability from a technological perspective with focus on exchanging information messages between distributed and heterogeneous applications. However, interoperability from a business perspective has been overlooked in the past due to the complexity of reconciling diverse business strategies, organizational constraints, and IT infrastructures. Business interoperability denotes the ability of diverse enterprises to collaborate together to coproduce added-value products and services. In this chapter, a new line of thinking is promoted whereby interoperability is data-centric instead of process-centric. Business interoperability is dealt with by adopting business artifacts that are able to cross organizational boundaries, and by introducing a stack of three layers - strategy, service, and resource. Artifacts are self-contained business records that include attributes, states, and life cycles that reflect the changes in these states. The artifact concept not only describes a business entity, but also encompasses knowledge about what to process without explaining how to do it. The shift from processes to artifacts makes business interoperability quite simple\u27\u27 to deploy and renders collaboration easy to manage and analyze. The chapter also introduces several interaction patterns that regulate the exchange of artifacts between enterprises. The ideas and proposals in this chapter are discussed via a realistic case-study to demonstrate how business people can seamlessly manage their day-to-day activities and intuitively construct interoperable and sustainable collaborations at the business and technological levels

Business artifacts discovery and modeling

Changes in business conditions have forced enterprises to continuously re-engineer their business processes. Traditional business process modeling approaches, being activity-centric, have proven to be inadequate for handling this re-engineering. Recent research has focused on developing data-centric business process modeling approaches based on (business) artifacts. However, formal approaches for deriving artifacts out of business requirements currently do not exist. This paper describes a method for artifact discovery and modeling. The method is illustrated with an example in the purchase order domain. © 2010 Springer-Verlag

Aspect-Oriented Framework for Web Services (AoF4WS)

This chapter presents our research initiative known as aspect-oriented framework for Web services (AoF4WS). This initiative looks into the role of aspect-oriented programming in enhancing Web services with nonfunctional properties that are orthogonal to the primary functional properties of Web services, without the need for extensive reprogramming. This enhancement achieves a separation between the functional and nonfunctional aspects of Web services, thereby resulting in easier adaptability and maintainability. We have initially chosen to focus on security and self-healing nonfunctional requirements. The AoF4WS initiative is therefore demonstrated using two projects, SC-WS and SHWS, which respectively stand for security concerns of Web services and self-healing Web services. Our contributions are relevant to the design phase in an aspect-oriented software development lifecycle

Aspect-oriented framework for web services (AoF4WS): Introduction and two example case studies

This chapter presents our research initiative known as aspect-oriented framework for Web services (AoF4WS). This initiative looks into the role of aspect-oriented programming in enhancing Web services with nonfunctional properties that are orthogonal to the primary functional properties of Web services, without the need for extensive reprogramming. This enhancement achieves a separation between the functional and nonfunctional aspects of Web services, thereby resulting in easier adaptability and maintainability. We have initially chosen to focus on security and self-healing nonfunctional requirements. The AoF4WS initiative is therefore demonstrated using two projects, SC-WS and SH-WS, which respectively stand for security concerns of Web services and self-healing Web services. Our contributions are relevant to the design phase in an aspect-oriented software development lifecycle. © 2009, IGI Global

What can context do for web services?

Academia and industry, with the rapid development of information technologies, are adopting Web services due to their integration capabilities. Web services are being actively used for connecting business processes in business-to-business scenarios. The Web services community uses different languages for specifying Web services composition like BPEL and WSFL. The primary objective of these specification languages is to provide a high-level description of the composition process independent from any implementation details or concern. The need for a common semantics is intensified when Web services participate in the same composition. Web services, to reduce the limitations, must be context-aware, context is the information which characterizes the interactions between humans, applications and the environment. A possible solution to achieving a contextual semantic composition of Web services is built upon the semantic-value concept