Menzel, Michael; Meinel, Christoph
Proceedings of the 2010 IEEE International Conference on Services Computing (SCC 2010)
Miami, Florida, USA
IEEE Computer Society
Service-oriented Architectures (SOA) facilitate the provision and orchestration of business services to enable a faster adoption to changing business demands. Web Services provide a technical foundation to realize this paradigm and support a variety of different security mechanisms and approaches. Security requirements are codified in Web Service policies that control the service's behavior in terms of secure interactions with other participants in an SOA. To facilitate and simplify the generation of enforceable security policies, we foster a model-driven approach based on the modelling of security requirements in system design models. This paper introduces our security design language SecureSOA that enables the definition of these security requirements. We present the abstract syntax and notion of SecureSOA and describe a schema to integrate SecureSOA in any system design language for service-based systems. Moreover, we will demonstrate the integration of SecureSOA in Fundamental Modelling Concept (FMC) Block Diagrams.