Integration von bestehendem Sicherheitswissen in einen Software-Entwicklungsprozess

Die Komplexität der Sicherheitsdomäne schränkt die Wiederverwendung von existierenden Sicherheitswissen bei der Entwicklung von Software ein. In dieser Arbeit wird ein Modell für Sicherheitswissen und ein Prozess aufgezeigt, um das bereits vorhandene Sicherheitswissen effektiv in einen Software-Entwicklungsprozess einzubetten, um zielgerichtet Sicherheitsmaßnahmen für ein Software-System zu implementieren

Integration of a Security Product in Service-Oriented Architecture

The future of enterprise software development lies in the use of a service-oriented architecture (SOA) to support business concerns. Business services are using security services offered by service-oriented security architectures for security support. The question remains how to implement the security services using traditional security products and how to map security policies defined at service level to product-specific policies. In this paper we present an approach for integrating existing security products into service-oriented security architectures. We show how traditional security products can be adapted to fit into the overall service-oriented paradigm. We present a case study that applies our approach

Integration of a Security Product in Service-Oriented Architecture

The future of enterprise software development lies in the use of a service-oriented architecture (SOA) to support business concerns. Business services are using security services offered by service-oriented security architectures for security support. The question remains how to implement the security services using traditional security products and how to map security policies defined at service level to product-specific policies. In this paper we present an approach for integrating existing security products into service-oriented security architectures. We show how traditional security products can be adapted to fit into the overall service-oriented paradigm. We present a case study that applies our approach

Service-Oriented Integration Using a Model-Driven Approach

{ hoyer | gebhart | pansa | a.dikanski | abeck} @ kit.edu Abstract — Provision of processes supported by Information Technology (IT) spreading around several different units of one organization requires the integration of existing distributed legacy applications. Typically the part of the application’s functionality used in a process is offered through proprietary interfaces, complicating the integration. A possible solution to this issue is to construct standards-based, service-oriented interfaces offering only the required functionality. Existing approaches within this field mostly focus on the technical issues of the integration using Web services and hardly consider the integration from the perspective of the IT-supported processes. In this article, we introduce a development approach for modeling an IT-supported process which is enhanced by the automatic generation of necessary Web service artifacts. Our approach is exemplified by a scenario at the Karlsruhe Institute of Technology (KIT) that implements a process to visualize the study progress of a student. Keywords—model-driven development; service-oriented integration; Web services; Unified Modeling Language I