Requirements engineering is a key step in the software development process that has little counterpart in the development of business processes for web services. Furthermore, the existing design methodologies for web services do not address the issue of developing secure web services, secure business processes and secure workflows. This paper presents a methodology that allows a business process designer to derive the skeleton of the concrete secure business processes from the early requirements analysis. The proposed refinement methodology aims to obtain an appropriate coarse grained secure business process that can be further refined into workflows. We introduce a specification language for secure business processes, which is a dialect of WS-BPEL for the functional parts and abstracts away low level implementation details from WS-Security and WS-Federation specifications. To make the discussion more concrete, we illustrate the proposal with an e-business banking case study.
From Early Requirements Analysis towards Secure Workflows / Frankova, Ganna; Massacci, Fabio; Seguran, Magali. - ELETTRONICO. - (2007), pp. 1-23.
From Early Requirements Analysis towards Secure Workflows
Frankova, Ganna;Massacci, Fabio;
2007-01-01
Abstract
Requirements engineering is a key step in the software development process that has little counterpart in the development of business processes for web services. Furthermore, the existing design methodologies for web services do not address the issue of developing secure web services, secure business processes and secure workflows. This paper presents a methodology that allows a business process designer to derive the skeleton of the concrete secure business processes from the early requirements analysis. The proposed refinement methodology aims to obtain an appropriate coarse grained secure business process that can be further refined into workflows. We introduce a specification language for secure business processes, which is a dialect of WS-BPEL for the functional parts and abstracts away low level implementation details from WS-Security and WS-Federation specifications. To make the discussion more concrete, we illustrate the proposal with an e-business banking case study.| File | Dimensione | Formato | |
|---|---|---|---|
|
SecureBPEL_FrankovaMassacciSeguran.pdf
accesso aperto
Tipologia:
Versione editoriale (Publisher’s layout)
Licenza:
Tutti i diritti riservati (All rights reserved)
Dimensione
545.96 kB
Formato
Adobe PDF
|
545.96 kB | Adobe PDF | Visualizza/Apri |
I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione
