
2016 | OriginalPaper | Book chapter

4. Knowledge Elicitation and Conceptual Modeling to Foster Security and Trust in SOA System Evolution

Written by: John W. Coffey, Arthur Baskin, Dallas Snider

Published in: Emerging Trends in the Evolution of Service-Oriented and Enterprise Architectures

Publisher: Springer International Publishing


Abstract

Software systems based upon Service-Oriented Architecture (SOA) are often large, heterogeneous and difficult to understand. Evolving such systems presents some unique challenges. For example, it is critical to understand the impacts on trust relationships and security as SOA systems evolve. A substantial body of work exists on the idea of knowledge elicitation and management through the creation of knowledge models, which are created to represent the conceptual knowledge of experts. Knowledge modeling based upon concept maps is an efficient process and knowledge representation scheme that holds potential to assist planning in evolving SOA systems. This chapter contains two examples of knowledge modeling in support of SOA system evolution. The first example is an academic study that illustrates the use of knowledge modeling to create a software security assurance case. The second example, which is the main focus of this chapter, pertains to the ongoing evolution of a large, real-world Sustainment Management System software suite named PAVER™. This software is being modified to allow third-party add-in functionality to interact with the base system and to create a SOA federation with other enterprise systems. This article contains a description of a knowledge elicitation and modeling effort to identify trust concerns as this increasingly large and complex federation evolves.


Metadata
Title
Knowledge Elicitation and Conceptual Modeling to Foster Security and Trust in SOA System Evolution
Written by
John W. Coffey
Arthur Baskin
Dallas Snider
Copyright year
2016
DOI
https://doi.org/10.1007/978-3-319-40564-3_4
