nach oben

Information Systems Frontiers

Erschienen in:

01.07.2011

Derivation of trust federation for collaborative business processes

verfasst von: Ji Hu

Erschienen in: Information Systems Frontiers | Ausgabe 3/2011

Einloggen

Aktivieren Sie unsere intelligente Suche, um passende Fachinhalte oder Patente zu finden.

search-config

KI-gestützte Suche

Aus

Abstract

Service Oriented Architecture (SOA) is considered to be an important enabler of Internet of Services. By adopting SOA in development, business services can be offered, mediated, and traded as web services, so as to support agile and dynamic business collaborations on the Internet. Business collaboration is often implemented as cross-enterprise processes and involves more than one business entity which agrees to join the collaboration. To enable trustworthy and secure provision of services and service composition across enterprise boundaries, trust between business participants must be established, that is, user identities and access rights must be federated, to support business functions defined in the business processes. This paper proposes an approach which derives trust federation from formally described business process models, such as BPMN and WS-CDL processes, to automate security configuration of business collaborations. The result of the derivation is trust policies which identify trust relationships between business participants and can be enforced in enterprises’ service runtimes with support of a policy deployment infrastructure.

Vorheriger Artikel Global IT and IT-enabled services

Nächster Artikel A mixed transaction processing and operational reporting benchmark

Sie haben noch keine Lizenz? Dann Informieren Sie sich jetzt über unsere Produkte:

Springer Professional "Wirtschaft+Technik"

Online-Abonnement

Mit Springer Professional "Wirtschaft+Technik" erhalten Sie Zugriff auf:

über 102.000 Bücher
über 537 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Finance + Banking
Management + Führung
Marketing + Vertrieb
Maschinenbau + Werkstoffe
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Springer Professional "Technik"

Online-Abonnement

Mit Springer Professional "Technik" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 390 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Maschinenbau + Werkstoffe

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Springer Professional "Wirtschaft"

Online-Abonnement

Mit Springer Professional "Wirtschaft" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 340 Zeitschriften

aus folgenden Fachgebieten:

Bauwesen + Immobilien
Business IT + Informatik
Finance + Banking
Management + Führung
Marketing + Vertrieb
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Alves, A., Arkin, A., Askary, S., Barreto, Ch., Bloch, B., Curbera, Fr. et al. (2007). Web services business process execution language version 2.0. OASIS Standard. Retrieved 19 March 2009 from http://docs.oasis-open.org/wsbpel/2.0/OS/wsbpel-v2.0-OS.html.

Amazon (2009). Amazon elastic compute cloud. Retrieved 19 March 2009 from http://aws.amazon.com/ec2/.

Bajaj, S., Della-Libera, G., Dixon, B., Dusche, M., Hondo, M., Hur, M., et al. (2003). Web services federation language (WS-Federation) version 1.0. Retrieved 19 March 2009 from http://msdn2.microsoft.com/en-us/library/ms951236.aspx.

Bajaj, S., Box, D., Chappell, D., Curbera, Fr., Daniels, G., Hallam-Baker, Ph. et al. (2006a). Web services policy 1.2—framework (WS-Policy). W3C Member Submission. Retrieved 19 March 2009 from http://www.w3.org/Submission/WS-Policy.

Bajaj, S., Box, D., Chappell, D., Curbera, Fr., Daniels, G., Hallam-Baker, Ph., et al. (2006b). Web services policy 1.2—attachment (WS-PolicyAttachment). W3C Member Submission. Retrieved 19 March 2009 from http://www.w3.org/Submission/WS-PolicyAttachment/.

Barros, A., Dumas, M., & Oaks, P. (2005). A critical overview of the web services choreography description language (WSCDL). BPTrends Newsletter, March 2005.

Becker, J., Kugeler, M., & Rosemann, M. (Ed.) (2003). Process management a guide for the design of business processes. Springer-Verlag.

Clement, L., Hately, Q., Riegen, K., & Rogers, T. (Ed.) (2004). UDDI version 3.0.2. UDDI Spec Technical Committee Draft. Retrieved 19 March 2009 from http://www.uddi.org/pubs/uddi_v3.htm.

Felkenr, A., & Kruk, T. (2007). Modeling trust management and security of information. ISSE/SECURE 2007 Securing Electronic Business Processes. Vieweg.

Fielding, T., & Taylor, N. (2002). Principled design of the modern web architecture. ACM Transactions on Internet Technology (TOIT). 115–150. Association for Computing Machinery.

Godik, O. S., & Moses, T. (Ed.) (2003). OASIS standard security assertion markup language (SAML) v1.1. Retrieved 19 March 2009 from http://www.oasis-open.org/specs/index.php#wssv1.0.

Google (2009). Google Apps. Retrieved 19 March 2009 from http://appengine.google.com/.

Heuser, L., Alsdorf, C., & Woods, D. (2008). International research forum 2007 (pp. 100–101). New York: Evolved Technologist Press.

Hirao, J., Choi, M., Cox, P., Passer, S., & Wun-Young, L. (Ed.) (2008). SAP security configuration and deployment: The IT administrator’s guide to best practices (1st ed). Syngress.

IBM (2009). Tivoli access manager. Retrieved 19 March 2009 from http://www-01.ibm.com/software/tivoli/products/access-mgr-esso/.

Kavantzas, N., Burdett, D., Ritzinger, G., Fletcher, F., Lafon, Y., & Barreto, Ch. (Ed.) (2005). Web services choreography description language version 1.0. W3C Candidate Recommendation 9. Retrieved 19 March 2009 from http://www.w3.org/TR/ws-cdl-10/.

Liberty Alliance (2009). Liberty alliance. Retrieved 30 September 2009 from http://www.projectliberty.org/.

Microsoft (2009). Active directory. Retrieved 19 March 2009 from http://www.microsoft.com/windowsserver2003/technologies/directory/activedirectory/default.mspx.

Nadalin, A., Kaler, Ch., Hallam-Baker, P., & Monzillo, R. (Ed.) (2004). Web services security v1.1. OASIS Standard. Retrieved 19 March 2009 from http://www.oasis-open.org/specs/index.php#wssv1.0.

Nadalin, A., Goodner, M., Gudgin, M., Barbir, A., & Granqvist, H. (2007). WS-trust 1.3. OASIS Standard. Retrieved 19 March 2009 from http://docs.oasis-open.org/ws-sx/ws-trust/200512/ws-trust-1.3-os.html.

OMG (2007). MOF 2.0/XMI mapping specification, V2.1.1. Retrieved 19 March 2009 from http://www.omg.org/technology/documents/formal/xmi.htm.

OMG (2008). Business process model and notation (BPMN), version 1.1. Retrieved 19 March 2009 from http://www.omg.org/spec/BPMN/1.1.

OMG (2009). Business process modeling notation (BPMN) version 1.2. Retrieved 19 March 2009 from http://www.omg.org/spec/BPMN/1.2.

OMG-BPDM (2008). Business process definition metamodel. Retrieved 19 March 2009 from http://www.omg.org/spec/BPDM/1.0/.

OpenID Foundation (2009). OpenID. Retrieved 19 March 2009 from http://openid.net/.

Papazoglou, M. P., & Dubray, J. (2004). A survey of web service technologies. Technical Report DIT-04-058, Informatica e Telecomunicazioni, University of Trento.

Robinson, P., Kerschbaum, F., & Schaad, A. (2006). From business process choreography to authorization policies. In Proceedings of the 20th Annual IFIP WG 11.3 Working Conference on Data and Applications Security (pp. 297–309). Springer.

Roser, S., & Bauer, B. (2005). A categorization of collaborative business process modeling techniques. In Proceedings of Seventh IEEE International Conference E-Commerce Technology Workshops.

Scheer, A. (1998). ARIS-Modellierungsmethoden, Metamodelle, Anwendungen. Springer.

Sermersheim, J. (Ed.) (2006). Lightweight directory access protocol (LDAP). Request for comments: 4511. Network Working Group. Retrieved 19 March 2009 from http://www.ietf.org/rfc/rfc4511.txt.

Shibboleth (2009). Shibboleth. Retrieved 19 March 2009 from http://shibboleth.internet2.edu/.

STP (2009). STP/BPMN modeler. Retrieved 19 March 2009 from http://www.eclipse.org/bpmn/.

Sun (2009). Sun OpenSSO enterprise. Retrieved 30 September 2009 from http://www.sun.com/software/products/opensso_enterprise/index.xml.

Theseus Programm (2009). TEXO —business webs in the internet of services. Retrieved 19 March 2009 from http://theseus-programm.de/en-us/theseus-application-scenarios/texo/default.aspx.

UN/CEFACT & OASIS (2001). ebXML business process specification, schema, version 1.01. Retrieved 19 March 2009 from http://www.ebxml.org/specs/ebBPSS.pdf.

Wolter, C., Menzel, M., Schaad, A., Miseldine, P., & Meinel, C. (2009). Model-driven business process security requirement specification. Journal of Systems Architecture: the EUROMICRO Journal, 211–223.

Titel: Derivation of trust federation for collaborative business processes
verfasst von: Ji Hu
Publikationsdatum: 01.07.2011
Verlag: Springer US
Erschienen in: Information Systems Frontiers / Ausgabe 3/2011
Print ISSN: 1387-3326
Elektronische ISSN: 1572-9419
DOI: https://doi.org/10.1007/s10796-010-9282-9

Springer Professional

Abstract

Bitte loggen Sie sich ein, um Zugang zu Ihrer Lizenz zu erhalten.

Sie haben noch keine Lizenz? Dann Informieren Sie sich jetzt über unsere Produkte:

Springer Professional "Wirtschaft+Technik"

Springer Professional "Technik"

Springer Professional "Wirtschaft"

Weitere Artikel der Ausgabe 3/2011

Combining query-by-example and query expansion for simplifying web service discovery

A process mining based approach to knowledge maintenance

An ERP system performance assessment model development based on the balanced scorecard approach

Global IT and IT-enabled services

GIS enabled service site selection: Environmental analysis and beyond

A mixed transaction processing and operational reporting benchmark