Volume 2 Number 1 (Feb. 2007)
Home > Archive > 2007 > Volume 2 Number 1 (Feb. 2007) >
JSW 2007 Vol.2(1): 47-59 ISSN: 1796-217X
doi: 10.4304/jsw.2.1.47-59

Model-Driven Security Engineering for Trust Management in SECTET

Masoom Alam, Ruth Breu, Michael Hafner
Research Group, Quality Engineering University of Innsbruck, Austria

Abstract—Service Oriented Architectures with underlying technologies like web services and web services orchestration have opened the door to a wide range of novel application scenarios, especially in the context of inter-organizational cooperation. One of the remaining obstacles for a widespread use of these techniques is security. Companies and organizations open their systems and core business processes to partners only if a high level of trust can be guaranteed. The emergence of web services security standards provides a valuable and effective paradigm for addressing the security issues arising in the context of inter-organizational cooperation. The low level of abstraction of these standards is, however, still an unresolved issue which makes them inaccessible to the domain expert and remains a major obstacle when aligning security objectives with the customer needs. Their complexity makes implementation easily prone of error. The SECTET – a model-driven security engineering framework for B2B-workflows – facilitates the design and implementation of secure inter-organizational workflows. This contribution has three objectives. First we present a high-level domain specific language – called SECTET-PL. Being part of the SECTET-framework, SECTET-PL is a policy language influenced by Object Constraint Language and interpreted in the context of UML models.We then detail the Meta Object Facility based metamodels for the integration of business requirements with the security requirements. Finally, using Model Driven Architecture paradigm, we describe the transformation of high-level security models to low-level web services standard artefacts with the help of Eclipse Modelling Framework and Open Architecture Ware.

Index Terms—Domain Specific Language, Model Driven Architecture, Model Driven Engineering, Service Oriented Architecture

[PDF]

Cite: Masoom Alam, Ruth Breu, Michael Hafner, " Model-Driven Security Engineering for Trust Management in SECTET," Journal of Software vol. 2, no. 1, pp. 47-59, 2007.

General Information

ISSN: 1796-217X (Online)
Frequency:  Bimonthly (Since 2020)
Editor-in-Chief: Prof. Antanas Verikas
Executive Editor: Ms. Yoyo Y. Zhou
Abstracting/ Indexing: DBLP, EBSCO, Google Scholar, ProQuest, INSPEC(IET), ULRICH's Periodicals Directory, WorldCat, etc
E-mail: jsw@iap.org
  • Apr 26, 2021 News!

    Vol 14, No 4- Vol 14, No 12 has been indexed by IET-(Inspec)     [Click]

  • Jun 22, 2020 News!

    Papers published in JSW Vol 14, No 1- Vol 15 No 4 have been indexed by DBLP     [Click]

  • Sep 13, 2021 News!

    The papers published in Vol 16, No 6 have all received dois from Crossref    [Click]

  • Jan 28, 2021 News!

    [CFP] 2021 the annual meeting of JSW Editorial Board, ICCSM 2021, will be held in Rome, Italy, July 21-23, 2021   [Click]

  • Sep 13, 2021 News!

    Vol 16, No 6 has been published with online version     [Click]