The Aniketos Service Composition Framework

Analysing and Ranking of Secure Services


Part of the book series: Lecture Notes in Computer Science (LNSC, volume 8900)

Abstract

Modern applications are inherently heterogeneous: they are built by composing loosely coupled services that are usually offered and operated by different service providers. While this approach increases the flexibility of the composed applications, it makes the implementation of security and trustworthiness requirements much more difficult. Therefore, there is a need for new approaches that integrate security requirements right from the beginning while composing service-based applications, in order to ensure security and trustworthiness.

In this chapter, we present a framework for secure service composition using a model-based approach for specifying, building, and executing composed services. As a unique feature, this framework integrates security requirements as a first-class citizen and thus avoids the “security as an afterthought” paradigm.

© 2014 Springer International Publishing Switzerland

About this chapter

Cite this chapter

Brucker, A.D., Malmignati, F., Merabti, M., Shi, Q., Zhou, B. (2014). The Aniketos Service Composition Framework. In: Brucker, A.D., Dalpiaz, F., Giorgini, P., Meland, P.H., Rios, E. (eds) Secure and Trustworthy Service Composition. Lecture Notes in Computer Science, vol 8900. Springer, Cham. https://doi.org/10.1007/978-3-319-13518-2_9

  • DOI: https://doi.org/10.1007/978-3-319-13518-2_9

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-319-13517-5

  • Online ISBN: 978-3-319-13518-2

  • eBook Packages: Computer Science, Computer Science (R0)
