Ruth Breu
University of Innsbruck
Publication
Featured research published by Ruth Breu.
European Conference on Object-Oriented Programming | 1997
Ruth Breu; Ursula Hinkel; Christoph Hofmann; Cornel Klein; Barbara Paech; Bernhard Rumpe; Veronika Thurner
The Unified Modeling Language UML is a language for specifying, visualizing and documenting object-oriented systems. UML combines the concepts of OOA/OOD, OMT and OOSE and is intended as a standard in the domain of object-oriented analysis and design. Due to the missing formal, mathematical foundation of UML the syntax and the semantics of a number of UML constructs are not precisely defined. This paper outlines a proposal for the formal foundation of UML that is based on a mathematical system model.
Lecture Notes in Computer Science | 2004
Barbara Weber; Werner Wild; Ruth Breu
In this paper we propose an architecture for an adaptive workflow management system (WFMS) and present the research prototype CBRFlow. CBRFlow extends workflow execution with conversational case-based reasoning (CCBR) to adapt the predefined workflow model to changing circumstances and to provide the WFMS with learning capabilities. Business rules within the predefined workflow model are annotated during run-time with context-specific information in the form of cases using the CCBR sub-system. When case reuse becomes frequent, the cases are manually refactored into rules to foster automatic execution. This feedback supports continuous process improvement, resulting in more manageable and more efficient business processes over time.
Symposium on Access Control Models and Technologies | 2008
Basel Katt; Xinwen Zhang; Ruth Breu; Michael Hafner; Jean-Pierre Seifert
The usage control model (UCON) has been proposed to augment traditional access control models by integrating authorizations, obligations, and conditions and providing the properties of decision continuity and attribute mutability. Several recent works have applied UCON to support security requirements in different computing environments such as resource sharing in collaborative computing systems and data control in remote platforms. In this paper we identify two individual but interrelated problems of the original UCON model and recent implementations: oversimplifying the concept of usage session of the model, and the lack of a comprehensive ongoing enforcement mechanism in implementations. We extend the core UCON model with continuous usage sessions, thus extensively augmenting the expressiveness of obligations in UCON, and then propose a general, continuity-enhanced and configurable usage control enforcement engine. Finally we explain how our approach can satisfy flexible security requirements with an implemented prototype for a healthcare information system.
Asia-Pacific Software Engineering Conference | 2003
Gerhard Popp; Jan Jürjens; Guido Wimmel; Ruth Breu
Due to increasing interconnection, IT systems are confronted with more and more attacks. To address this problem, we have to consider security requirements from the beginning of the system development. In early phases of system development, it is common to use a hybrid system view which is based on an object oriented modeling of the application core and the specification of use cases. We present an extension of this process for security-critical systems. We show a methodical approach for the development of security-critical systems and the modeling of security aspects in the application core with an extension of the Unified Modeling Language for secure systems development, UMLsec. Furthermore, we introduce security use cases for the development of security aspects in conjunction with behavioral modeling.
Internet Research | 2006
Michael Hafner; Ruth Breu; Berthold Agreiter; Andrea Nowak
Purpose – This contribution aims to present the core components of a framework and illustrate the main concepts of a methodology for the systematic design and realization of security‐critical inter‐organizational workflows with a portion of a workflow‐scenario drawn from e‐government. It is additionally shown how the framework can be adapted to incorporate advanced security patterns like the Qualified Signature, which extends the concept of digital signature by requiring a natural person to sign. Design/methodology/approach – The framework is based on a methodology that focuses on the correct implementation of security‐requirements and consists of a suite of tools that facilitates the cost‐efficient realization and management of decentralized, security‐critical workflows. Findings – The framework has been prototypically validated through case studies from the healthcare and e‐government sector. Positive results in pilot applications with industrial partners encourage further steps: the set of supported secu...
8th International Multitopic Conference, 2004. Proceedings of INMIC 2004. | 2004
M. M. Alam; Ruth Breu; Michael Breu
Model driven architecture is an approach to increase the quality of complex software systems based on creating high level system models that represent systems at different abstract levels and automatically generating system architectures from the models. We show how this paradigm can be applied to what we call model driven security for Web services. In our approach, a designer builds an interface model for the Web services along with security requirements using the object constraint language (OCL) and role based access control (RBAC) and then generates from these specifications a complete configured security infrastructure in the form of Extended Access Control Markup Language (XACML) policy files. Our approach can be used to improve productivity during the development of secure Web services and quality of resulting systems.
Availability, Reliability and Security | 2008
Ruth Breu; Frank Innerhofer-Oberperfler; Artsiom Yautsiukhin
In this paper we extend a model-based approach to security management with concepts and methods that provide a possibility for quantitative assessments. For this purpose we introduce security metrics and explain how they are aggregated using the underlying model as a frame. We measure numbers of attacks of certain threats and estimate their likelihood of propagation along the dependencies in the underlying model. Using this approach we can identify which threats have the strongest impact on business security objectives and how various security controls might differ with regard to their effect in reducing these threats.
TCGOV'05 Proceedings of the 2005 international conference on E-Government: towards Electronic Democracy | 2005
Ruth Breu; Michael Hafner; Barbara Weber; Andrea Novak
Model Driven Architecture is an approach to increase the quality of complex software systems by creating high-level system models and automatically generating system architectures and components out of these models. We show how this paradigm can be applied to what we call Model Driven Security for inter-organizational workflows in e-government. Our focus is on the realization of security-critical inter-organizational workflows in the context of web services and web service orchestration. Security requirements are specified at an abstract level using UML diagrams. Out of this specification security relevant artifacts are created for the target reference architecture based on upcoming web service security standards.
Model Driven Engineering Languages and Systems | 2014
Gunter Mussbacher; Daniel Amyot; Ruth Breu; Jean-Michel Bruel; Betty H. C. Cheng; Philippe Collet; Benoit Combemale; Rogardt Heldal; James H. Hill; Jörg Kienzle; Matthias Schöttle; Friedrich Steimann; Dave R. Stikkolorum; Jon Whittle
Although model-driven engineering (MDE) is now an established approach for developing complex software systems, it has not been universally adopted by the software industry. In order to better understand the reasons for this, as well as to identify future opportunities for MDE, we carried out a week-long design thinking experiment with 15 MDE experts. Participants were facilitated to identify the biggest problems with current MDE technologies, to identify grand challenges for society in the near future, and to identify ways that MDE could help to address these challenges. The outcome is a reflection of the current strengths of MDE, an outlook of the most pressing challenges for society at large over the next three decades, and an analysis of key future MDE research opportunities.
Availability, Reliability and Security | 2006
M. A. Alam; Ruth Breu; Michael Hafner
In this paper we present a novel approach for the specification of access rights in a service oriented architecture. Being part of the SECTET framework for model driven security for B2B-workflows, our specification language SECTET-PL for permissions is influenced by the OCL specification language and is interpreted in the context of UML models. Concerning the technological side, SECTET-PL specifications are translated into platform independent XACML permissions interpreted by a security gateway.