2. Acknowledgments
• Dr. Raquel Anaya and Pr. Luís Fernando Londoño (EAFIT
University)
• Mireille Blay-Fornarino (University of Nice-Sophia
Antipolis, France)
• Sébastien Mosser (University of Lille I, France)
• Sergio Ochoa and Alexandre Bergel (University of Chile)
2
3. Content
1. Context
2. The ADORE Method
3. Case study
4. Problem: Security & Business
Processes
5. Our proposal
6. Conclusions, Further works
and Results
7. Questions 3
4. Context
• Separation of Concerns
• Workflows of Business Processes.
• MDD
• AOSD
• Security based on Services
• Workflows adaptations based on security
4
5. Goals of this work
The main goal of this proposal is to establish the
incorporation in design time, of adaptation mechanisms
on workflows in order to consider security restrictions on
data and control structures that are part of a workflow, by
using model driven and aspects approaches.
5
6. Research questions
• Which is the way to apply and/or enrich the ADORE
method in order to consider security based on
standards?
• Which is the contribution of modeling languages based
on UML for representing, at high abstraction level, the
security as an aspect and the interventions of it over the
core functionality?
• Which is the importance of the visualization mechanism
for analyzing the complexity of the security adaptation
proposed? 6
7. Content
1. Context
2. The ADORE Method
3. Case study
4. Problem: Security & Business
Processes
5. Our proposal
6. Conclusions, Further works
and Results
7. Questions 7
8. The ADORE Method
• «Activity moDel to suppOrt oRchestration Evolution»
[TAOSD’10]
• Consider concerns as «process fragments» to be
composed with existing processes
• Support fragment composition through different
(endogenous) algorithms
• Algorithms ensure compositional properties
• E.g., order preservation
8
11. • More info about ADORE
• http://www.adore-design.org/doku/
• http://www.adore-
design.org/doku/examples/cccms/start
• http://modalis.i3s.unice.fr/
MODels to usAge of large scaLe InfraStructures 11
12. Content
1. Context
2. The ADORE Method
3. Case study
4. Problem: Security & Business
Processes
5. Our proposal
6. Conclusions, Further works
and Results
7. Questions 12
13. The Case Study
•Car Crash Crisis Management System: CCCms
•Requirement documents specified in [Kienzle et al,
2010]
•Special issue of TAOSD, focusing on Aspect
Oriented Modeling
•Contents:
•8 main success scenario
•27 business extensions
•3 non-functional properties
Source: S. Mosser (2011)
13
•How to handle a Car Crash accident?
14. Initial version
Source [Mosser, Blay-Fornarino and France, 2010] 14
15. Final version
It’s only for Capture Witness Report use case of CCCms….
Source [Mosser, Blay-Fornarino and France, 2010]
15
16. Content
1. Context
2. The ADORE Method
3. Case study
4. Problem: Security & Business
Processes
5. Our proposal
6. Conclusions, Further works
and Results
7. Questions 16
17. • Model (business) behavior in a Service-Oriented
Architecture
• Think «activity diagram» in the UML
• Think BPMN and BPEL ...
• Think specific proposals based on several symbols…
• As complex as the modeled business: no magic here (at
least yet)
• Security (and Quality Attributes) are often handled at the
infrastructure level (e.g., WS-*)
• But it clearly impacts modeled behaviors (e.g., «role-
based access control»), as well as persistence, error
handling, ... 17
18. • The use of SoC and aspects are extended to the
treatment of quality attributes (as security and its derived
implications, e.g., control access) so that business
processes managed within a workflow consider
additional features to functionality.
• In most contemporary SOA practices focused on the
separation of concerns, the properties related with
quality attributes are specified and mapped in a set of
services.
• This strategy involves that developers and SOA
architects must configure properly the quality attributes
in a range of services (usually every quality attribute
covers multiple services simultaneously).
18
19. • Unfortunately, UML, BPMN and BPEL do not support
separation of concerns per se. [Wada, Suzuki and Oba,
2008]
19
20. Content
1. Context
2. The ADORE Method
3. Case study
4. Problem: Security & Business
Processes
5. Our proposal
6. Conclusions, Further works
and Results
7. Questions 20
21. • Existing approaches deal with Separation of Concerns:
• Concerns reification (e.g., «Aspects» in Aspect-oriented
Programming)
• Composition with legacy systems (e.g., «Aspect
weaving»)
• Security (e.g., control access, encryption) can be
considered as another concern
• Thus composed with other concerns (e.g., persistence
standard, behavioral)
• Compliant with concern reasoning approaches
• E.g, interaction detection mechanisms 21
22. • Security can be considered as a crosscutting concern?
• Security involves services?
• Security have a high-level support?
• Several works propose the derivation of security models
from Business Processes Models (BPMN, BPEL and SOA
models)
22
23. • Security Control Access through RBAC – XACML
• RBAC: Role Based Control Access (Model)
• XACML (eXtensible Access Control Markup Language):
OASIS Standard
• XACML 2.0 - 3.0 define a profile for RBAC support in
order to bind RBAC practical solutions in web services
environments.
• RBAC is supported in high level abstraction models by
SecureUML metamodel and Model Driven Security.
• Encryption using RSA X.509
• Services implemented by existing frameworks
23
26. XACML Model (II)
26
General XACML Architecture. Source [Breu, Popp and Alam, 2007]
27. Our proposal
Principles derived from the AOSD and MDD provide a high
degree of flexibility: AOSD can be applied to identify
common concerns, visualizing scenarios where they can be
applied throughout the business process that is automated
in a workflow. The business process models can be
adapted to meet new requirements. Further changes to
process models can be applied immediately to adjust
business processes.
27
28. Our proposal
• To derive ADORE fragments for XACML process and RSA
X.509 desencryption process.
• Fragments application independent.
• To support the semantic context of ADORE fragments
through its integration with Theme/UML approach
• Bind through ADORE
• To use concepts of software visualization for identifying
and managing the complexity of new ADORE fragments
for CCCms
28
29. Integration with Theme/UML
• Such as was exposed with the XACML standard, a quality
attribute could contain a set of associated services and structures
or specific dimensions, as hardware/software technologies that
support security operations.
• Other types of concerns address specifications of dimension,
e.g., if a business process model must consider the managing of
business rules, the fragment o fragment set must consider
specific operations over a business rule engine.
• It is evident the use of information of the modeled context
expressed as variables that are introduced directly in the
formulation of an ADORE fragment. According with the ADORE
method the knowledge of context mapped in the fragments is
associated exclusively to the description of the selected process.
29
31. Integration with Theme/UML
• With the purpose of supporting the definition of ADORE
fragments from quality attributes whose behaviors are generic
respect to the behaviors that belongs to a business process
workflow, we decided to use a subset of the diagrams of the
modeling phase established in the Model-Driven Theme/UML
process development to show the mapping of the information
of the context of the quality attribute towards the ADORE
fragment.
• The context is defined in terms of the features specified for the
system, the set of standards that govern the application and
the invocation of underlying services, as the XACML standard
for this case.
31
38. Weaving
• XACML application
independent
fragment (blue)
• Desencrypt
application
independent
fragment (pink)
• retrieveVictimHistory
dependent fragment
(green)
• execRescueMission
orchestration (white)
38
39. Visualization
• The goal of visualization is the extension of cognition or acquisition
and/or use of knowledge [Teyseyre and Campo, 2009].
• ADORE allows to extract information from the internal representation
of business processes, so it is possible to generate information
related to the structure and metrics of business processes
• The principle of separation of concerns in the context of business
process workflows derive implicitly the presence of complexity as an
important factor to consider in the tasks of maintainability,
understandability and accuracy of measurement of a business
process.
• From work of [Mosser, Bergel and Blay-Fornarino, 2010] we adapt it
for exposing the "new" independent application fragments (security)
in order to manage the complexity of the global CCCMs fragments
including new generated fragments. 39
41. Complexity of fragments and orchestrations of CCCms including
formulated security fragments 41
42. Activities of connection between the fragments and orchestrations
of CCCms, including formulated security fragments
42
43. Content
1. Context
2. The ADORE Method
3. Case study
4. Problem: Security & Business
Processes
5. Our proposal
6. Conclusions, Further Works
and Results
7. Questions
43
44. • Integration of MDD and ASOD principles to establish at a
model level, mechanisms of adaptation of business
process workflows, in order to incorporate security
constraints based on access control defined by the
RBAC model and the XACML standard.
• Final process designed through the composition of
smaller artifacts
• XACML security fragments are «process independent»
• Thus can be reused in other business processes
workflows
• Approach applied successfully to the complete CCCms
44
45. • Achievements
• XACML policies implemented as reusable process
fragments
• Approach applied to a concrete and complex case
study
• Work in progress
• Final process «optimization» (e.g., merge redundant
activities)
• Application to other case studies (information
broadcasting)
45
46. • Further works
• Conclusions about the ADORE method
• Comparison of this work with BPEL4RBAC, AO4BPEL
and AO4BPMN proposals
• Use of ADORE by quality attributes experts
• Standardization of behaviors derived from quality
attributes in ADORE
46
47. • Fáber D. Giraldo, Mireille Blay-Fornarino, Sébastien Mosser.
"Introducing Security Access Control Policies into Legacy Business
Processes”. Proceedings of the Fifteenth International Enterprise
Distributed Object Computing Conference (EDOC'11), IEEE,
Helsinki, Finland, 29 august - 02 September 2011. Available in
http://hal.archives-
ouvertes.fr/docs/00/59/48/45/PDF/edoc_2011.pdf
and
http://ieeexplore.ieee.org/xpl/articleDetails.jsp?reload=true&ar
number=6037600&contentType=Conference+Publications
• Fáber D. Giraldo and Raquel Anaya. “Integrating non-functional
security services in ADORE using multiple views modeling
approaches”. XXXVIII Latin American Conference on Informatics
(CLEI 2012), Latin American Symposium in Software Engineering.
IEEExplorer coming soon! 47
48. Contact
• fdgiraldo@uniquindio.edu.co
• fdgiraldo
• @fdgiraldo
More Information in CVLac & GrupLac
• http://www.linkedin.com/profile/view?id=144790141&trk=tab_pro
• http://www.slideshare.net/fdgiraldo/
49. Thank You for Your Attention !
fdgiraldo@uniquindio.edu.co
49