Berthold Agreiter

Sectet: an extensible framework for the realization of secure inter‐organizational workflows

Purpose – This contribution aims to present the core components of a framework and illustrate the main concepts of a methodology for the systematic design and realization of security‐critical inter‐organizational workflows with a portion of a workflow‐scenario drawn from e‐government. It is additionally shown how the framework can be adapted to incorporate advanced security patterns like the Qualified Signature, which extends the concept of digital signature by requiring a natural person to sign.Design/methodology/approach – The framework is based on a methodology that focuses on the correct implementation of security‐requirements and consists of a suite of tools that facilitates the cost‐efficient realization and management of decentralized, security‐critical workflows.Findings – The framework has been prototypically validated through case studies from the healthcare and e‐government sector. Positive results in pilot applications with industrial partners encourage further steps: the set of supported secu...

Automation Processes for Enterprise Architecture Management

Creating and maintaining an enterprise architecture model that is both up-to-date and accurate is a difficult task due to the size and complexity of the models and the dispersed nature of EA information in organizations. In current EA maintenance processes, the models are maintained manually with only little automation, which is a time consuming task. Literature from research and practice has identified this challenge, but only few scientific publications actually address the issue of EA model maintenance and its automation. In our research effort on Living Models, we are working towards solutions for a closer connection between EA models and what they represent in the real world. In this article we present (semi-)automated processes for maintaining enterprise architecture models by gathering information from both human input and technical interfaces and discuss implementation issues for realizing the processes in practice. This work is one of the first steps in the direction of minimizing manual work for EAM by automation and increasing EA data quality attributes such as consistency and actuality.

A web-based collaborative metamodeling environment with secure remote model access

This contribution presents GEMSjax - a web-based metamodeling tool for the collaborative development of domain specific languages. By making use of modern Web 2.0 technologies like Ajax and REST services, the tool allows for simultaneous web browser-based creation/ editing of metamodels and model instances, as well as secure remote model access via REST, which enables remote model modification over a simple HTTP-based interface. This paper describes the complex technical challenges we faced and solutions we produced to provide browser-based synchronous model editing. It further explains on the XACML-based access control mechanisms to provide secure remote access to models and model elements. Additionally, we highlight the usefulness of our approach by describing its application in a realistic usage scenario.

Evolution of security requirements tests for service-centric systems

Security is an important quality aspect of open service-- centric systems. However, it is challenging to keep such systems secure because of steady evolution. Thus, security requirements testing, considering system changes is crucial to provide a certain level of reliability in a service-centric system. In this paper, we present a model-driven method to system level security testing of service-centric systems focusing on the aspect of requirements, system and test evolution. As requirements and the system may change over time, regular adaptations to the tests of security requirements are essential to retain, or even improve, system quality. We attach state machines to all model elements of our systemand test model to obtain consistent and traceable evolution of the system and its tests. We highlight the specifics for the evolution of security requirements, and show by a case study how changes of the attached tests are managed.

Towards Living Landscape Models: Automated Integration of Infrastructure Cloud in Enterprise Architecture Management

Enterprise Architecture Management (EAM), and in particular IT--landscape management try to model the IT- and business elements of a company, in order to analyze its efficiency towards supporting business goals, optimize business--IT alignment, and to plan future IT--transformation as well as IT--standardization. A major challenge in this field is the elicitation of infrastructure information from run--time systems, e.g., to answer the question which servers provide services to a specific information system. Capturing this data is a time consuming manual task which leads to quickly outdated information. Similar to traditional hardware, cloud infrastructure needs to be documented in an EA modeling order to gain insight on its relationships with business information systems and ultimately the business goals. The aim of our research in this area is the automatic integration of various runtime information sources into an EAM view. The overall goal is to minimize manual work to keep enterprise architecture information up--to--date. This enables enterprise architects to make timely and precise decisions. In this work we focus on how information on the cloud infrastructure can be seamlessly integrated into an EA view. Making the cloud visible for enterprise architects is especially important to meet legal (privacy) requirements, on the storage and processing location of data. We present a conceptual approach for the information integration problem, and introduce our prototypical implementation with the open--source infrastructure cloud implementation Eucalyptus, and the open--source enterprise architecture management tool iteraplan.

Model-Driven Configuration of SELinux Policies

The need for access control in computer systems is inherent. However, the complexity to configure such systems is constantly increasing which affects the overall security of a system negatively. We think that it is important to define security requirements on a non-technical level while taking the application domain into respect in order to have a clear and separated view on security configuration (i.e. unblurred by technical details). On the other hand, security functionality has to be tightly integrated with the system and its development process in order to provide comprehensive means of enforcement. In this paper, we propose a systematic approach based on model-driven security configuration to leverage existing operating system security mechanisms (SELinux) for realising access control. We use UML models and develop a UML profile to satisfy these needs. Our goal is to exploit a comprehensive protection mechanism while rendering its security policy manageable by a domain specialist.

Managing Evolution of Service Centric Systems by Test Models

For various reasons, service centric systems are subject to continuous evolution. Therefore, regular adaptations to their tests are essential to keep, or even improve, their quality of service. In this paper, we present a model–based approach to manage tests for evolving service centric systems. We do so by attaching state machines to all model elements of our system model and test model to manage the consistent evolution of the system and its tests. In our approach, a modification to an arbitrary model element is propagated to related model elements. As a consequence, also these model elements may change their state. Based on test requirements, our approach enables the selective generation and automatic execution of a minimal regression test suite. We demonstrate our approach by a real–world industrial example.