Asim, M., Yautsiukhin, A., Brucker, A.D. orcid.org/0000-0002-6355-1200 et al. (3 more authors) (2018) Security policy monitoring of BPMN-based service compositions. Journal of Software: Evolution and Process, 30 (9). e1944. ISSN 2047-7481
Abstract
Service composition is a key concept of Service- Oriented Architecture that allows for combining loosely coupled services that are offered and operated by different service providers. Such environments are expected to dynamically respond to changes that may occur at runtime, including changes in the environment and individual services themselves. Therefore, it is crucial to monitor these loosely-coupled services throughout their lifetime. In this paper, we present a novel framework for monitoring services at runtime and ensuring that services behave as they have promised. In particular, we focus on monitoring non-functional properties that are specified within an agreed security contract. The novelty of our work is based on the way in which monitoring information can be combined from multiple dynamic services to automate the monitoring of business processes and proactively report compliance violations. The framework enables monitoring of both atomic and composite services and provides a user friendly interface for specifying the monitoring policy. We provide an information service case study using a real composite service to demonstrate how we achieve compliance monitoring. The transformation of security policy into monitoring rules, which is done automatically, makes our framework more flexible and accurate than existing techniques.
Metadata
Item Type: | Article |
---|---|
Authors/Creators: |
|
Copyright, Publisher and Additional Information: | © 2018 John Wiley & Sons, Ltd. This is an author produced version of a paper subsequently published in Journal of Software: Evolution and Process. Uploaded in accordance with the publisher's self-archiving policy. |
Keywords: | Service-Oriented Computing; Composite services; Business process compliance; Compliance monitoring; Security |
Dates: |
|
Institution: | The University of Sheffield |
Academic Units: | The University of Sheffield > Faculty of Engineering (Sheffield) > Department of Computer Science (Sheffield) |
Depositing User: | Symplectic Sheffield |
Date Deposited: | 29 Jan 2018 10:39 |
Last Modified: | 16 Nov 2020 10:39 |
Status: | Published |
Publisher: | Wiley |
Refereed: | Yes |
Identification Number: | 10.1002/smr.1944 |
Open Archives Initiative ID (OAI ID): | oai:eprints.whiterose.ac.uk:126725 |