Realizing model driven security for inter-organizational workflows with WS-CDL and UML 2.0

Authors:
Michael Hafner;Ruth Breu
Affiliations:
Institut für Informatik, Universität Innsbruck, Innsbruck;Institut für Informatik, Universität Innsbruck, Innsbruck
Venue:
MoDELS'05 Proceedings of the 8th international conference on Model Driven Engineering Languages and Systems
Year:
2005

Citing 12
Cited 2

SecureFlow: a secure Web-enabled workflow management system

RBAC '99 Proceedings of the fourth ACM workshop on Role-based access control
Loosely coupled interorganizational workflows: modeling and analyzing workflows crossing organizational boundaries

Information and Management
Modeling XML applications with UML: practical e-business applications

Modeling XML applications with UML: practical e-business applications
Exception Handling in Workflow Systems

Applied Intelligence
Event-Based Interaction Management for Composite E-Services in eFlow

Information Systems Frontiers
Correctness by Construction: Developing a Commercial Secure System

IEEE Software
The P2P Approach to Interorganizational Workflows

CAiSE '01 Proceedings of the 13th International Conference on Advanced Information Systems Engineering
SecureUML: A UML-Based Modeling Language for Model-Driven Security

UML '02 Proceedings of the 5th International Conference on The Unified Modeling Language
Modelling Inter-organizational Workflow Security in a Peer-to-Peer Environment

ICWS '05 Proceedings of the IEEE International Conference on Web Services
Modelling, specifying and implementing workflow security in Cyberspace

Journal of Computer Security
Web service engineering – advancing a new software engineering discipline

ICWE'05 Proceedings of the 5th international conference on Web Engineering
Model driven security for inter-organizational workflows in e-government

TCGOV'05 Proceedings of the 2005 international conference on E-Government: towards Electronic Democracy

An evaluation framework for business process modeling languages in healthcare

Journal of Theoretical and Applied Electronic Commerce Research
A systematic review on security in Process-Aware Information Systems - Constitution, challenges, and future directions

Information and Software Technology

Quantified Score

Hi-index	0.00

Visualization

Abstract

The growing popularity of standards related to Web services, Web services security and workflows boosted the implementation of powerful infrastructures supporting interoperability for inter-organizational workflows. Nevertheless, the realization of such workflows is a very complex task, in many aspects still bound to low-level technical knowledge and error-prone. We provide a framework for the realization and the management of security-critical workflows based on the paradigm of Model Driven Security. The framework complies with a hierarchical stack of Web services specifications and related technologies. In this paper, we introduce a UML based approach for the modeling of security-critical inter-organizational workflows and map it to the Web Services Choreography Description Language. Our approach is based on a set of security patterns, which are integrated into UML class and activity diagrams. A tool translates the models into executable artifacts configuring a reference architecture based on Web services.