Slim Kallel

Specifying and Monitoring Temporal Properties in Web Services Compositions

Current Web service composition approaches and languages such as WS-BPEL do not allow to define temporal constraints in a declarative and separate way. Also it is not possible to verify if there are contradictions between the temporal constraints implemented in the composition. These limitations lead to maintainability and correctness problems. In this paper, we tackle these problems through a novel approach to temporal constraints in Web service compositions, which combines formal methods and aspect-oriented programming. In this approach, we use a powerful and expressive formal language, called XTUS-Automata, for specifying time-related properties and we introduce specification patterns that ease the definition of such constraints. The formal specifications are translated automatically into AO4BPEL aspects, which ensure the runtime monitoring of the temporal constraints. Our approach enables a declarative, separate, and verifiable specification of temporal properties and it generates automatically modular enforcement code for those properties.

From Formal Access Control Policies to Runtime Enforcement Aspects

We present an approach that addresses both formal specification and verification as well as runtime enforcement of RBAC access control policies including application specific constraints such as separation of duties (SoD). We introduce Temporal

Combining formal methods and aspects for specifying and enforcing architectural invariants

cal{Z}

Modeling and enforcing invariants of dynamic software architectures

, a formal language based on Z and temporal logic, which provides domain specific predicates for expressing RBAC and SoD constraints. An aspect-oriented language with domain specific concepts for RBAC and SoD constraints is used for the runtime enforcement of policies. Enforcement aspects are automatically generated from Temporal

Track Report of Adaptive and Reconfigurable Service-Oriented and Component-Based Applications and Architectures (AROSA 2014)

cal{Z}

Aspect-based enforcement of formal delegation policies

specifications hence avoiding the possibility of errors and inconsistencies that may be introduced when enforcement code is written manually. Furthermore, the use of aspects ensures the modularity of the enforcement code and its separation from the business logic.

Optimal Cost for Time-Aware Cloud Resource Allocation in Business Process

Several types of invariants should be maintained when the architecture of a software application evolves. To specify these invariants in a reliable way, formal methods are used. However, current approaches suffer from two limitations. First, they support only certain types of invariants. Second, checking and enforcing the invariants is generally done by adding appropriate logic to the application implementation in a manual way, which is error-prone and may lead to architectural erosion. n nIn this paper, we combine the Z notation and Petri nets to specify formally architectural invariants in distributed object-oriented software applications. Moreover, we use a generative aspect-based approach to checking and enforcing these invariants. Thus, we bridge the gap between the formal specification and the implementation. Our approach brings several other benefits as the code that checks and enforces invariants is generated automatically and well-modularized in aspects.

RDyMASS: reliable and dynamic enforcement of security policies for mobile agent systems

In this paper, we propose an “end-to-end” approach that supports dynamic reconfiguration of software architectures taking advantage of graphical modeling, formal methods and aspect-oriented programming. There are three ingredients of the proposal. The specification end of the solution is covered by a new UML profile enabling to specify the desired architectural style (model), its invariants and the intended reconfiguration operations. In order to verify the consistency of the model and the preservation of the invariants after every reconfiguration, we automatically generate formal specifications in Z notation from the defined model. At the runtime enforcing end of the solution, we propose to encode the enforcement logic as aspect in the AspectJ language. The third important ingredient that makes our approach end-to-end is the automatic translation of formal specifications into aspect-based enforcement code.

Using Aspects for Enforcing Formal Architectural Invariants

The goal of the AROSA track is to bring together researchers and practitioners both from the Academia and from the Industry working in the areas of Service-oriented and component-based software applications and architectures and addressing adaptation and reconfiguration issues.

A holistic approach for access control policies: from formal specification to aspect-based enforcement

Delegation is a powerful concept in access control systems, which allows users to assign all or part of their permissions to other users. Several types of delegation models for role-based access control have been proposed so far. However, most existing works focus on the specification of delegation policies and there is very little work on the monitoring and enforcement of such policies at runtime. In this paper, we use a security approach combining formal methods and aspect-oriented programming for specifying and enforcing delegation policies. In our approach, delegation models and their characteristics are specified formally using TemporalZ, which is a combination of Z notation and temporal logic. Then, we verify the formal specification to ensure consistency using theorem proving. Finally, we generate automatically a set of aspects in the aspect-oriented language ALPHA from the TemporalZ specifications. These aspects enforce the specified delegation policies at runtime.