Enforcement of entailment constraints in distributed service-based business processes

A distributed business process is executed in a distributed computing environment. The service-oriented architecture (SOA) paradigm is a popular option for the integration of software services and execution of distributed business processes. Entailment constraints, such as mutual exclusion and bindi...

Full description

Saved in:
Bibliographic Details
Published inInformation and software technology Vol. 55; no. 11; pp. 1884 - 1903
Main Authors Hummer, Waldemar, Gaubatz, Patrick, Strembeck, Mark, Zdun, Uwe, Dustdar, Schahram
Format Journal Article
LanguageEnglish
Published England Elsevier B.V 01.11.2013
Elsevier Science Ltd
Butterworths
Subjects
Architecture (computers)
Business Process Execution Language
Business process management
Computer programs
Enforcement
Entailment constraints
Identity and access management
Prototypes
Service oriented architecture
Service-Oriented Architecture (SOA)
Software
Software services
Studies
Systems integration
WS-BPEL
Identity and access management
Business process management
Service-Oriented Architecture (SOA)
Entailment constraints
WS-BPEL
Online AccessGet full text

Cover

Abstract A distributed business process is executed in a distributed computing environment. The service-oriented architecture (SOA) paradigm is a popular option for the integration of software services and execution of distributed business processes. Entailment constraints, such as mutual exclusion and binding constraints, are important means to control process execution. Mutually exclusive tasks result from the division of powerful rights and responsibilities to prevent fraud and abuse. In contrast, binding constraints define that a subject who performed one task must also perform the corresponding bound task(s). We aim to provide a model-driven approach for the specification and enforcement of task-based entailment constraints in distributed service-based business processes. Based on a generic metamodel, we define a domain-specific language (DSL) that maps the different modeling-level artifacts to the implementation-level. The DSL integrates elements from role-based access control (RBAC) with the tasks that are performed in a business process. Process definitions are annotated using the DSL, and our software platform uses automated model transformations to produce executable WS-BPEL specifications which enforce the entailment constraints. We evaluate the impact of constraint enforcement on runtime performance for five selected service-based processes from existing literature. Our evaluation demonstrates that the approach correctly enforces task-based entailment constraints at runtime. The performance experiments illustrate that the runtime enforcement operates with an overhead that scales well up to the order of several ten thousand logged invocations. Using our DSL annotations, the user-defined process definition remains declarative and clean of security enforcement code. Our approach decouples the concerns of (non-technical) domain experts from technical details of entailment constraint enforcement. The developed framework integrates seamlessly with WS-BPEL and the Web services technology stack. Our prototype implementation shows the feasibility of the approach, and the evaluation points to future work and further performance optimizations.
AbstractList A distributed business process is executed in a distributed computing environment. The service-oriented architecture (SOA) paradigm is a popular option for the integration of software services and execution of distributed business processes. Entailment constraints, such as mutual exclusion and binding constraints, are important means to control process execution. Mutually exclusive tasks result from the division of powerful rights and responsibilities to prevent fraud and abuse. In contrast, binding constraints define that a subject who performed one task must also perform the corresponding bound task(s). We aim to provide a model-driven approach for the specification and enforcement of task-based entailment constraints in distributed service-based business processes. Based on a generic metamodel, we define a domain-specific language (DSL) that maps the different modeling-level artifacts to the implementation-level. The DSL integrates elements from role-based access control (RBAC) with the tasks that are performed in a business process. Process definitions are annotated using the DSL, and our software platform uses automated model transformations to produce executable WS-BPEL specifications which enforce the entailment constraints. We evaluate the impact of constraint enforcement on runtime performance for five selected service-based processes from existing literature. Our evaluation demonstrates that the approach correctly enforces task-based entailment constraints at runtime. The performance experiments illustrate that the runtime enforcement operates with an overhead that scales well up to the order of several ten thousand logged invocations. Using our DSL annotations, the user-defined process definition remains declarative and clean of security enforcement code. Our approach decouples the concerns of (non-technical) domain experts from technical details of entailment constraint enforcement. The developed framework integrates seamlessly with WS-BPEL and the Web services technology stack. Our prototype implementation shows the feasibility of the approach, and the evaluation points to future work and further performance optimizations.
A distributed business process is executed in a distributed computing environment. The service-oriented architecture (SOA) paradigm is a popular option for the integration of software services and execution of distributed business processes. Entailment constraints, such as mutual exclusion and binding constraints, are important means to control process execution. Mutually exclusive tasks result from the division of powerful rights and responsibilities to prevent fraud and abuse. In contrast, binding constraints define that a subject who performed one task must also perform the corresponding bound task(s). We aim to provide a model-driven approach for the specification and enforcement of task-based entailment constraints in distributed service-based business processes.
A distributed business process is executed in a distributed computing environment. The service-oriented architecture (SOA) paradigm is a popular option for the integration of software services and execution of distributed business processes. Entailment constraints, such as mutual exclusion and binding constraints, are important means to control process execution. Mutually exclusive tasks result from the division of powerful rights and responsibilities to prevent fraud and abuse. In contrast, binding constraints define that a subject who performed one task must also perform the corresponding bound task(s).CONTEXTA distributed business process is executed in a distributed computing environment. The service-oriented architecture (SOA) paradigm is a popular option for the integration of software services and execution of distributed business processes. Entailment constraints, such as mutual exclusion and binding constraints, are important means to control process execution. Mutually exclusive tasks result from the division of powerful rights and responsibilities to prevent fraud and abuse. In contrast, binding constraints define that a subject who performed one task must also perform the corresponding bound task(s).We aim to provide a model-driven approach for the specification and enforcement of task-based entailment constraints in distributed service-based business processes.OBJECTIVEWe aim to provide a model-driven approach for the specification and enforcement of task-based entailment constraints in distributed service-based business processes.Based on a generic metamodel, we define a domain-specific language (DSL) that maps the different modeling-level artifacts to the implementation-level. The DSL integrates elements from role-based access control (RBAC) with the tasks that are performed in a business process. Process definitions are annotated using the DSL, and our software platform uses automated model transformations to produce executable WS-BPEL specifications which enforce the entailment constraints. We evaluate the impact of constraint enforcement on runtime performance for five selected service-based processes from existing literature.METHODBased on a generic metamodel, we define a domain-specific language (DSL) that maps the different modeling-level artifacts to the implementation-level. The DSL integrates elements from role-based access control (RBAC) with the tasks that are performed in a business process. Process definitions are annotated using the DSL, and our software platform uses automated model transformations to produce executable WS-BPEL specifications which enforce the entailment constraints. We evaluate the impact of constraint enforcement on runtime performance for five selected service-based processes from existing literature.Our evaluation demonstrates that the approach correctly enforces task-based entailment constraints at runtime. The performance experiments illustrate that the runtime enforcement operates with an overhead that scales well up to the order of several ten thousand logged invocations. Using our DSL annotations, the user-defined process definition remains declarative and clean of security enforcement code.RESULTSOur evaluation demonstrates that the approach correctly enforces task-based entailment constraints at runtime. The performance experiments illustrate that the runtime enforcement operates with an overhead that scales well up to the order of several ten thousand logged invocations. Using our DSL annotations, the user-defined process definition remains declarative and clean of security enforcement code.Our approach decouples the concerns of (non-technical) domain experts from technical details of entailment constraint enforcement. The developed framework integrates seamlessly with WS-BPEL and the Web services technology stack. Our prototype implementation shows the feasibility of the approach, and the evaluation points to future work and further performance optimizations.CONCLUSIONOur approach decouples the concerns of (non-technical) domain experts from technical details of entailment constraint enforcement. The developed framework integrates seamlessly with WS-BPEL and the Web services technology stack. Our prototype implementation shows the feasibility of the approach, and the evaluation points to future work and further performance optimizations.
A distributed business process is executed in a distributed computing environment. The service-oriented architecture paradigm is a popular option for the integration of software services and execution of distributed business processes. Entailment constraints, such as mutual exclusion and binding constraints, are important means to control process execution. Mutually exclusive tasks result from the division of powerful rights and responsibilities to prevent fraud and abuse. In contrast, binding constraints define that a subject who performed one task must also perform the corresponding bound task(s). This paper aims to provide a model-driven approach for the specification and enforcement of task-based entailment constraints in distributed service-based business processes. The approach decouples the concerns of (non-technical) domain experts from technical details of entailment constraint enforcement. The developed framework integrates seamlessly with WS-BPEL and the Web services technology stack. The prototype implementation shows the feasibility of the approach, and the evaluation points to future work and further performance optimizations.
Author Dustdar, Schahram
Hummer, Waldemar
Gaubatz, Patrick
Zdun, Uwe
Strembeck, Mark
AuthorAffiliation b Software Architecture Group, Faculty of Computer Science, University of Vienna, Austria
a Distributed Systems Group, Vienna University of Technology, Austria
c Institute of Information Systems, New Media Lab, Vienna University of Economics and Business, Austria
AuthorAffiliation_xml – name: c Institute of Information Systems, New Media Lab, Vienna University of Economics and Business, Austria
– name: a Distributed Systems Group, Vienna University of Technology, Austria
– name: b Software Architecture Group, Faculty of Computer Science, University of Vienna, Austria
Author_xml – sequence: 1
  givenname: Waldemar
  surname: Hummer
  fullname: Hummer, Waldemar
  email: hummer@infosys.tuwien.ac.at
  organization: Distributed Systems Group, Vienna University of Technology, Austria
– sequence: 2
  givenname: Patrick
  surname: Gaubatz
  fullname: Gaubatz, Patrick
  email: patrick.gaubatz@univie.ac.at
  organization: Software Architecture Group, Faculty of Computer Science, University of Vienna, Austria
– sequence: 3
  givenname: Mark
  surname: Strembeck
  fullname: Strembeck, Mark
  email: mark.strembeck@wu.ac.at
  organization: Institute of Information Systems, New Media Lab, Vienna University of Economics and Business, Austria
– sequence: 4
  givenname: Uwe
  surname: Zdun
  fullname: Zdun, Uwe
  email: uwe.zdun@univie.ac.at
  organization: Software Architecture Group, Faculty of Computer Science, University of Vienna, Austria
– sequence: 5
  givenname: Schahram
  surname: Dustdar
  fullname: Dustdar, Schahram
  email: dustdar@infosys.tuwien.ac.at
  organization: Distributed Systems Group, Vienna University of Technology, Austria
BackLink https://www.ncbi.nlm.nih.gov/pubmed/27667903$$D View this record in MEDLINE/PubMed
BookMark eNqFkk2LFDEQhoOsuLOr_0CkwYuXHitfnW4PgizrByx4cc8hH9WaoScZk-6B_fdmnHHRPbinoshTL2-q3gtyFlNEQl5SWFOg3dvNOsSxpHHNgPI1yDUAfUJWtFe87YDJM7KCQUIrezGck4tSNhVQwOEZOWeq69QAfEVur-OYssMtxrlJY1OLCdPvzqVY5mxCnEsTYuND7YJdZvRNwbwPDltrSu3sUkLEUppdTq5WLM_J09FMBV-c6iW5_Xj97epze_P105erDzetk0zMbUc9Z50EQMUVVRYHNhjvPPcAoCwbAJ1h1oC1Bnvf9U4Ct8r2RoJzo-CX5P1Rd7fYLXpXbWcz6V0OW5PvdDJB__sSww_9Pe21EB2lkleBNyeBnH4uWGa9DcXhNJmIaSma9lxyxYahfxyVlAtR_6Uq-voBuklLjnUTmgrO-k4wdaBe_W3-3vWf41RAHAGXUykZx3uEgj5kQG_0MQP6kAENUtcT17F3D8ZcmM0c0mEFYXps-LRRrGfbB8y6uIDRoQ8Z3ax9Cv8X-AWLetD1
CitedBy_id crossref_primary_10_7717_peerj_cs_115
crossref_primary_10_1016_j_infsof_2014_10_006
crossref_primary_10_1109_TSC_2023_3268651
crossref_primary_10_1016_j_procs_2017_08_151
crossref_primary_10_1016_j_jisa_2021_103006
crossref_primary_10_1016_j_infsof_2014_06_006
crossref_primary_10_1016_j_infsof_2020_106273
crossref_primary_10_1109_TR_2023_3235785
Cites_doi 10.1145/2480362.2480503
10.1016/S0164-1212(00)00089-3
10.1145/1880022.1880034
10.1109/TSC.2010.19
10.1016/j.sysarc.2008.10.002
10.1145/1063979.1063986
10.1109/ECBS.2009.14
10.1109/SP.1987.10001
10.1109/MSP.2010.46
10.1007/s11280-006-0016-3
10.1109/ICST.2011.55
10.1147/sj.403.0666
10.1109/5254.920599
10.1002/spe.936
10.1145/2480362.2480456
10.1145/1160434.1160449
10.1002/jcaf.20054
10.1145/1377836.1377854
10.1145/1015040.1015043
10.1145/1125808.1125810
10.1016/S1567-4223(02)00015-7
10.1142/S0218843003000814
10.1016/j.infsof.2010.11.015
10.1145/1118890.1118892
10.1145/990036.990062
10.1007/978-3-642-16934-2_16
10.1007/BFb0053381
10.1109/MC.2007.400
10.1109/MS.2003.1231146
10.1109/MIC.2005.21
10.1109/MIC.2003.1250583
10.1145/2335484.2335504
10.1007/978-3-642-21640-4_37
10.1109/MIC.2004.1260703
10.1145/1998441.1998446
10.1145/1346337.1346242
10.4018/jwsr.2008070102
10.1007/s10270-010-0156-x
10.1109/TSC.2009.27
10.1007/11821946_12
10.1145/300830.300837
10.1145/1998441.1998453
10.1145/1377836.1377853
10.1109/MC.2006.58
10.1145/1982185.1982520
10.5626/JCSE.2010.4.4.253
10.1016/j.entcs.2005.10.021
10.1109/MS.2003.1231150
10.1145/1330295.1330299
10.1109/PST.2010.5593232
10.1109/2.485845
10.1109/CBMS.2006.95
ContentType Journal Article
Copyright 2013 The Authors
Copyright Elsevier Science Ltd. Nov 2013
2013 The Authors 2013
Copyright_xml – notice: 2013 The Authors
– notice: Copyright Elsevier Science Ltd. Nov 2013
– notice: 2013 The Authors 2013
DBID 6I.
AAFTH
AAYXX
CITATION
NPM
7SC
8FD
JQ2
L7M
L~C
L~D
7X8
5PM
DOI 10.1016/j.infsof.2013.05.001
DatabaseName ScienceDirect Open Access Titles
Elsevier:ScienceDirect:Open Access
CrossRef
PubMed
Computer and Information Systems Abstracts
Technology Research Database
ProQuest Computer Science Collection
Advanced Technologies Database with Aerospace
Computer and Information Systems Abstracts – Academic
Computer and Information Systems Abstracts Professional
MEDLINE - Academic
PubMed Central (Full Participant titles)
DatabaseTitle CrossRef
PubMed
Computer and Information Systems Abstracts
Technology Research Database
Computer and Information Systems Abstracts – Academic
Advanced Technologies Database with Aerospace
ProQuest Computer Science Collection
Computer and Information Systems Abstracts Professional
MEDLINE - Academic
DatabaseTitleList
Computer and Information Systems Abstracts
MEDLINE - Academic
PubMed
Computer and Information Systems Abstracts
Database_xml – sequence: 1
  dbid: NPM
  name: PubMed
  url: https://proxy.k.utb.cz/login?url=http://www.ncbi.nlm.nih.gov/entrez/query.fcgi?db=PubMed
  sourceTypes: Index Database
DeliveryMethod fulltext_linktorsrc
Discipline Business
EISSN 1873-6025
EndPage 1903
ExternalDocumentID PMC4461153
3072929101
27667903
10_1016_j_infsof_2013_05_001
S0950584913001006
Genre Journal Article
Feature
GroupedDBID --K
--M
-~X
.DC
.~1
0R~
1B1
1~.
1~5
29I
4.4
457
4G.
5GY
5VS
6I.
7-5
71M
77K
8P~
9JN
AABNK
AACTN
AAEDT
AAEDW
AAFTH
AAIAV
AAIKJ
AAKOC
AALRI
AAOAW
AAQFI
AAQXK
AAXUO
AAYFN
AAYOK
ABBOA
ABFNM
ABFRF
ABJNI
ABMAC
ABTAH
ABXDB
ABYKQ
ACDAQ
ACGFO
ACGFS
ACGOD
ACNNM
ACRLP
ACZNC
ADBBV
ADEZE
ADJOM
ADMUD
AEBSH
AEFWE
AEKER
AENEX
AFKWA
AFTJW
AGHFR
AGUBO
AGYEJ
AHHHB
AHZHX
AIALX
AIEXJ
AIKHN
AITUG
AJBFU
AJOXV
ALMA_UNASSIGNED_HOLDINGS
AMFUW
AMRAJ
AOUOD
ASPBG
AVWKF
AXJTR
AZFZN
BKOJK
BKOMP
BLXMC
CS3
DU5
EBS
EFJIC
EFLBG
EJD
EO8
EO9
EP2
EP3
FDB
FEDTE
FGOYB
FIRID
FNPLU
FYGXN
G-Q
G8K
GBLVA
GBOLZ
HLZ
HVGLF
HZ~
IHE
J1W
KOM
LG9
M41
MO0
MS~
N9A
O-L
O9-
OAUVE
OZT
P-8
P-9
P2P
PC.
PQQKQ
Q38
R2-
RIG
ROL
RPZ
SBC
SDF
SDG
SDP
SES
SEW
SPC
SPCBC
SSV
SSZ
T5K
TWZ
UHS
UNMZH
WH7
WUQ
XFK
ZY4
~G-
AATTM
AAXKI
AAYWO
AAYXX
ABDPE
ABWVN
ACRPL
ACVFH
ADCNI
ADNMO
AEIPS
AEUPX
AFJKZ
AFPUW
AFXIZ
AGCQF
AGQPQ
AGRNS
AIGII
AIIUN
AKBMS
AKRWK
AKYEP
ANKPU
APXCP
BNPGV
CITATION
SSH
NPM
7SC
8FD
EFKBS
JQ2
L7M
L~C
L~D
7X8
5PM
ID FETCH-LOGICAL-c524t-61d326500e73717be929adcd3d0007b290eca2ba0bbae8d68c503b7b8a50ccf43
IEDL.DBID .~1
ISSN 0950-5849
IngestDate Thu Aug 21 14:02:20 EDT 2025
Fri Jul 11 02:56:51 EDT 2025
Fri Jul 11 13:40:26 EDT 2025
Sun Jul 13 03:59:02 EDT 2025
Thu Apr 03 07:07:20 EDT 2025
Tue Jul 01 02:22:01 EDT 2025
Thu Apr 24 22:50:28 EDT 2025
Fri Feb 23 02:23:54 EST 2024
IsDoiOpenAccess true
IsOpenAccess true
IsPeerReviewed true
IsScholarly true
Issue 11
Keywords Identity and access management
Business process management
Service-Oriented Architecture (SOA)
Entailment constraints
WS-BPEL
Language English
License http://creativecommons.org/licenses/by/3.0
This is an open access article under the CC BY license (http://creativecommons.org/licenses/by/3.0/).
LinkModel DirectLink
MergedId FETCHMERGED-LOGICAL-c524t-61d326500e73717be929adcd3d0007b290eca2ba0bbae8d68c503b7b8a50ccf43
Notes SourceType-Scholarly Journals-1
ObjectType-Feature-1
content type line 14
ObjectType-Article-2
content type line 23
ObjectType-Article-1
ObjectType-Feature-2
OpenAccessLink https://www.sciencedirect.com/science/article/pii/S0950584913001006
PMID 27667903
PQID 1432864277
PQPubID 41979
PageCount 20
ParticipantIDs pubmedcentral_primary_oai_pubmedcentral_nih_gov_4461153
proquest_miscellaneous_1835372998
proquest_miscellaneous_1513445247
proquest_journals_1432864277
pubmed_primary_27667903
crossref_primary_10_1016_j_infsof_2013_05_001
crossref_citationtrail_10_1016_j_infsof_2013_05_001
elsevier_sciencedirect_doi_10_1016_j_infsof_2013_05_001
ProviderPackageCode CITATION
AAYXX
PublicationCentury 2000
PublicationDate November 2013
2013-11-00
2013-Nov
20131101
PublicationDateYYYYMMDD 2013-11-01
PublicationDate_xml – month: 11
  year: 2013
  text: November 2013
PublicationDecade 2010
PublicationPlace England
PublicationPlace_xml – name: England
– name: Amsterdam
PublicationTitle Information and software technology
PublicationTitleAlternate Inf Softw Technol
PublicationYear 2013
Publisher Elsevier B.V
Elsevier Science Ltd
Butterworths
Publisher_xml – name: Elsevier B.V
– name: Elsevier Science Ltd
– name: Butterworths
References Schefer, Strembeck, Mendling, Baumgrass (b0230) 2011
Braga (b0370) 2011; 10
Draheim (b0005) 2010; 4
Sandhu, Coyne, Feinstein, Youman (b0050) 1996; 29
J. Crampton, A reference monitor for workflow systems with constrained task execution, in: 10th ACM Symposium on Access Control Models and Technologies (SACMAT), 2005, pp. 38–47.
Stahl, Völter (b0120) 2006
K. Tan, J. Crampton, C. Gunter, The consistency of task-based authorization constraints in workflow systems, in: 17th IEEE Workshop on Computer Security Foundations (CSFW), 2004, pp. 155–169.
U. Zdun, M. Strembeck, Modeling composition in dynamic programming environments with model transformations, in: 5th International Symposium on Software Composition, 2006.
Spinellis (b0130) 2001; 56
Object Management Group, Meta Object Facility (MOF) 2.0 Query/View/Transformation Specification (January 2011). URL
W. Hummer, O. Raz, O. Shehory, P. Leitner, S. Dustdar, Test coverage of data-centric dynamic compositions in service-based systems, in: 4th International Conference on Software Testing, Verification and Validation (ICST), 2011, pp. 40–49.
Papazoglou, Traverso, Dustdar, Leymann (b0015) 2007; 40
W. Hummer, P. Gaubatz, M. Strembeck, U. Zdun, S. Dustdar, An integrated approach for identity and access management in a SOA context, in: 16th ACM Symposium on Access Control Models and Technologies (SACMAT), 2011, pp. 21–30.
A. Ferreira, R. Cruz-Correia, L. Antunes, P. Farinha, E. Oliveira-Palhares, D. Chadwick, A. Costa-Pereira, How to break access control in a controlled manner, in: 19th IEEE International Symposium on Computer-Based Medical Systems (CBMS), 2006, pp. 847–854.
M. Strembeck, J. Mendling, Generic algorithms for consistency checking of mutual-exclusion and binding constraints in a business process context, in: 18th International Conference on Cooperative Information Systems (CoopIS), 2010.
World Wide Web Consortium (W3C), XQuery 3.0: An XML Query Language, 2011
Paci, Bertino, Crampton (b0335) 2008; 5
Huhns, Singh (b0010) 2005; 9
M. Memon, M. Hafner, R. Breu, SECTISSIMO: A Platform-independent Framework for Security Services, in: Modeling Security Workshop at MODELS ’08, 2008.
von Riegen, Husemann, Fink, Ritter (b0410) 2010; 3
Cannon, Byers (b0030) 2006; 4
Weber, Reichert, Wild, Rinderle (b0400) 2005; vol. 3760
Mazzoleni, Crispo, Sivasubramanian, Bertino (b0345) 2008; 11
Schefer, Strembeck, Mendling (b0235) 2011
S. Schefer-Wenzl, M. Strembeck, A UML extension for modeling break-glass policies, in: 5th International Workshop on Enterprise Modelling and Information Systems Architectures (EMISA), 2012.
Scheer, Thomas, Adam (b0270) 2005
.
McIlraith, Son, Zeng (b0310) 2001; 16
Botha, Eloff (b0085) 2001; 40
Leitner, Hummer, Dustdar (b0025) 2011
Mishra, Weistroffer (b0040) 2007; 20
World Wide Web Consortium (W3C), Web services activity
M. Jensen, S. Feja, A security modeling approach for web-service-based business processes, in: 16th Annual IEEE International Conference on the Engineering of Computer Based Systems (ECBS’09), 2009, pp. 340–347.
Crampton, Gutin, Yeo (b0220) 2012
Sadiq, Orlowska (b0380) 2000
Wolter, Schaad, Meinel (b0100) 2008
Wainer, Barthelmes, Kumar (b0065) 2003; 12
S. Marinovic, R. Craven, J. Ma, N. Dulay, Rumpole: a flexible break-glass access control model, in: 16th ACM Symposium on Access Control Models and Technologies (SACMAT), 2011.
A. Mourad, S. Ayoubi, H. Yahyaoui, H. Otrok, New approach for the dynamic enforcement of Web services security, in: 8th International Conference on Privacy Security and Trust, 2010, pp. 189–196.
Mernik, Heering, Sloane (b0125) 2005; 37
Skogsrud, Benatallah, Casati (b0295) 2003; 7
Mens, Gorp (b0145) 2006; 152
P. Gaubatz, U. Zdun, Supporting entailment constraints in the context of collaborative web applications, in: 28th Symposium on Applied Computing (SAC), ACM, 2013.
Fensel, Bussler (b0305) 2002; 1
OASIS, eXtensible Access Control Markup Language, 2005
Foster, Uchitel, Magee, Kramer (b0300) 2010; 3
OASIS, Metadata for the OASIS Security Assertion Markup Language (SAML), 2005
S. Smirnov, H.A. Reijers, M. Weske, A semantic approach for business process model abstraction, in: 23rd International Conference on Advanced Information Systems Engineering (CAiSE), 2011, pp. 497–511.
Charfi, Mezini (b0365) 2007; 10
OASIS, WS-SecurityPolicy 1.3, 2009
Basin, Doser, Lodderstedt (b0330) 2006; 15
Benatallah, Casati, Toumani (b0415) 2004; 8
C. Inzinger, W. Hummer, B. Satzger, P. Leitner, S. Dustdar, Identifying incompatible service implementations using pooled decision trees, in: 28th ACM Symposium on Applied Computing (SAC), 2013, pp. 485–492.
World Wide Web Consortium (W3C), XSL Transformations (XSLT) Version 2.0, 2007
Hoisl, Strembeck (b0200) 2012
W. Hummer, P. Leitner, S. Dustdar, WS-aggregation: distributed aggregation of web services data, in: ACM Symposium On Applied Computing (SAC), 2011.
D. Lin, P. Rao, E. Bertino, N. Li, J. Lobo, Policy decomposition for collaborative access control, in: 13th ACM SACMAT, 2008, pp. 103–112.
Lodderstedt, Basin, Doser (b0375) 2002
Object Management Group, UML 2.4.1 Superstructure, August 2011
OASIS, Web Services Business Process Execution Language, 2007
Czarnecki, Helsen (b0350) 2006; 45
World Wide Web Consortium (W3C), XML Signature Syntax and Processing, 2008
W. Hummer, C. Inzinger, P. Leitner, B. Satzger, S. Dustdar, Deriving a unified fault taxonomy for event-based systems, in: 6th ACM International Conference on Distributed Event-Based Systems (DEBS’12), 2012.
D. Clark, D. Wilson, A comparison of commercial and military computer security policiesi, in: IEEE Symposium on Security and Privacy, 1987.
Selic (b0115) 2003; 20
OASIS, Security Assertion Markup Language, March 2005
M. Strembeck, U. Zdun, An approach for the systematic development of domain-specific languages, Software: Practice and Experience 39 (15) (2009).
Damianides (b0035) 2004; 15
Gaubatz, Hummer, Zdun, Strembeck (b0430) 2013
World Wide Web Consortium, SOAP Messaging Framework, 2007
Wang, Li (b0225) 2010; 13
M. Strembeck, A role engineering tool for role-based access control, in: 3rd Symposium on Requirements Engineering for Information Security, 2005.
D. Kulkarni, A. Tripathi, Context-aware role-based access control in pervasive computing systems, in: 13th ACM Symposium on Access Control Models and Technologies (SACMAT), 2008, pp. 113–122.
Strembeck, Neumann (b0285) 2004; 7
Bertino, Ferraria, Atluri (b0080) 1999; 2
Schäfer, Dolog, Nejdl (b0405) 2008; 2
N. Dimmock, A. Belokosztolszki, D. Eyers, J. Bacon, K. Moody, Using trust and risk in role-based access control policies, in: 9th ACM Symposium on Access Control Models and Technologies (SACMAT), 2004.
G. Kiczales, J. Lamping, A. Mendhekar, C. Maeda, C. Lopes, J.-M. Loingtier, J. Irwin, Aspect-oriented programming, in: European Conference on Object-Oriented Programming (ECOOP’97), 1997, pp. 220–242.
Strembeck (b0060) 2010; 8
Schmidt (b0110) 2006; 39
Wolter, Menzel, Schaad, Miseldine, Meinel (b0180) 2009; 55
U. Zdun, M. Strembeck, Reusable architectural decisions for dsl design: foundational decisions in DSL projects, in: 14th European Conference on Pattern Languages of Programs (EuroPLoP), 2009.
Eder, Gruber (b0385) 2002
S. Sendall, W. Kozaczynski, Model transformation: the heart and soul of model-driven software development, IEEE Software 20 (5) (2003).
Strembeck, Mendling (b0070) 2011; 53
Ferraiolo, Kuhn, Chandramouli (b0045) 2007
Baumgrass, Baier, Mendling, Strembeck (b0255) 2011
Wolter (10.1016/j.infsof.2013.05.001_b0180) 2009; 55
10.1016/j.infsof.2013.05.001_b0215
Strembeck (10.1016/j.infsof.2013.05.001_b0285) 2004; 7
Spinellis (10.1016/j.infsof.2013.05.001_b0130) 2001; 56
10.1016/j.infsof.2013.05.001_b0250
10.1016/j.infsof.2013.05.001_b0095
10.1016/j.infsof.2013.05.001_b0175
10.1016/j.infsof.2013.05.001_b0210
10.1016/j.infsof.2013.05.001_b0055
Czarnecki (10.1016/j.infsof.2013.05.001_b0350) 2006; 45
10.1016/j.infsof.2013.05.001_b0135
Ferraiolo (10.1016/j.infsof.2013.05.001_b0045) 2007
Scheer (10.1016/j.infsof.2013.05.001_b0270) 2005
10.1016/j.infsof.2013.05.001_b0090
Papazoglou (10.1016/j.infsof.2013.05.001_b0015) 2007; 40
10.1016/j.infsof.2013.05.001_b0290
10.1016/j.infsof.2013.05.001_b0170
Strembeck (10.1016/j.infsof.2013.05.001_b0070) 2011; 53
Damianides (10.1016/j.infsof.2013.05.001_b0035) 2004; 15
Sadiq (10.1016/j.infsof.2013.05.001_b0380) 2000
Gaubatz (10.1016/j.infsof.2013.05.001_b0430) 2013
Benatallah (10.1016/j.infsof.2013.05.001_b0415) 2004; 8
Lodderstedt (10.1016/j.infsof.2013.05.001_b0375) 2002
10.1016/j.infsof.2013.05.001_b0425
10.1016/j.infsof.2013.05.001_b0105
Eder (10.1016/j.infsof.2013.05.001_b0385) 2002
10.1016/j.infsof.2013.05.001_b0140
10.1016/j.infsof.2013.05.001_b0260
Stahl (10.1016/j.infsof.2013.05.001_b0120) 2006
10.1016/j.infsof.2013.05.001_b0340
10.1016/j.infsof.2013.05.001_b0020
10.1016/j.infsof.2013.05.001_b0185
10.1016/j.infsof.2013.05.001_b0265
Schefer (10.1016/j.infsof.2013.05.001_b0230) 2011
10.1016/j.infsof.2013.05.001_b0420
Draheim (10.1016/j.infsof.2013.05.001_b0005) 2010; 4
Mishra (10.1016/j.infsof.2013.05.001_b0040) 2007; 20
Wainer (10.1016/j.infsof.2013.05.001_b0065) 2003; 12
Cannon (10.1016/j.infsof.2013.05.001_b0030) 2006; 4
Charfi (10.1016/j.infsof.2013.05.001_b0365) 2007; 10
von Riegen (10.1016/j.infsof.2013.05.001_b0410) 2010; 3
10.1016/j.infsof.2013.05.001_b0315
Wang (10.1016/j.infsof.2013.05.001_b0225) 2010; 13
Baumgrass (10.1016/j.infsof.2013.05.001_b0255) 2011
Paci (10.1016/j.infsof.2013.05.001_b0335) 2008; 5
10.1016/j.infsof.2013.05.001_b0195
10.1016/j.infsof.2013.05.001_b0150
10.1016/j.infsof.2013.05.001_b0395
Strembeck (10.1016/j.infsof.2013.05.001_b0060) 2010; 8
10.1016/j.infsof.2013.05.001_b0075
Crampton (10.1016/j.infsof.2013.05.001_b0220) 2012
10.1016/j.infsof.2013.05.001_b0155
10.1016/j.infsof.2013.05.001_b0275
Sandhu (10.1016/j.infsof.2013.05.001_b0050) 1996; 29
10.1016/j.infsof.2013.05.001_b0355
Weber (10.1016/j.infsof.2013.05.001_b0400) 2005; vol. 3760
Braga (10.1016/j.infsof.2013.05.001_b0370) 2011; 10
10.1016/j.infsof.2013.05.001_b0190
10.1016/j.infsof.2013.05.001_b0390
Wolter (10.1016/j.infsof.2013.05.001_b0100) 2008
Basin (10.1016/j.infsof.2013.05.001_b0330) 2006; 15
Mazzoleni (10.1016/j.infsof.2013.05.001_b0345) 2008; 11
Huhns (10.1016/j.infsof.2013.05.001_b0010) 2005; 9
Schefer (10.1016/j.infsof.2013.05.001_b0235) 2011
Mens (10.1016/j.infsof.2013.05.001_b0145) 2006; 152
10.1016/j.infsof.2013.05.001_b0205
Foster (10.1016/j.infsof.2013.05.001_b0300) 2010; 3
Hoisl (10.1016/j.infsof.2013.05.001_b0200) 2012
10.1016/j.infsof.2013.05.001_b0325
Fensel (10.1016/j.infsof.2013.05.001_b0305) 2002; 1
Botha (10.1016/j.infsof.2013.05.001_b0085) 2001; 40
Leitner (10.1016/j.infsof.2013.05.001_b0025) 2011
10.1016/j.infsof.2013.05.001_b0360
10.1016/j.infsof.2013.05.001_b0240
10.1016/j.infsof.2013.05.001_b0320
10.1016/j.infsof.2013.05.001_b0165
10.1016/j.infsof.2013.05.001_b0245
Schmidt (10.1016/j.infsof.2013.05.001_b0110) 2006; 39
Mernik (10.1016/j.infsof.2013.05.001_b0125) 2005; 37
Skogsrud (10.1016/j.infsof.2013.05.001_b0295) 2003; 7
McIlraith (10.1016/j.infsof.2013.05.001_b0310) 2001; 16
10.1016/j.infsof.2013.05.001_b0160
10.1016/j.infsof.2013.05.001_b0280
Selic (10.1016/j.infsof.2013.05.001_b0115) 2003; 20
Schäfer (10.1016/j.infsof.2013.05.001_b0405) 2008; 2
Bertino (10.1016/j.infsof.2013.05.001_b0080) 1999; 2
References_xml – reference: K. Tan, J. Crampton, C. Gunter, The consistency of task-based authorization constraints in workflow systems, in: 17th IEEE Workshop on Computer Security Foundations (CSFW), 2004, pp. 155–169.
– reference: S. Smirnov, H.A. Reijers, M. Weske, A semantic approach for business process model abstraction, in: 23rd International Conference on Advanced Information Systems Engineering (CAiSE), 2011, pp. 497–511.
– year: 2007
  ident: b0045
  article-title: Role-Based Access Control
– volume: 56
  start-page: 91
  year: 2001
  end-page: 99
  ident: b0130
  article-title: Notable design patterns for domain-specific languages
  publication-title: Journal of Systems and Software
– reference: S. Schefer-Wenzl, M. Strembeck, A UML extension for modeling break-glass policies, in: 5th International Workshop on Enterprise Modelling and Information Systems Architectures (EMISA), 2012.
– volume: 2
  start-page: 65
  year: 1999
  end-page: 104
  ident: b0080
  article-title: The specification and enforcement of authorization constraints in workflow management systems
  publication-title: ACM Transactions on Information and System Security
– volume: 8
  start-page: 46
  year: 2004
  end-page: 54
  ident: b0415
  article-title: Web service conversation modeling: a cornerstone for e-business automation
  publication-title: IEEE Internet Computing
– reference: U. Zdun, M. Strembeck, Reusable architectural decisions for dsl design: foundational decisions in DSL projects, in: 14th European Conference on Pattern Languages of Programs (EuroPLoP), 2009.
– volume: 53
  start-page: 456
  year: 2011
  end-page: 483
  ident: b0070
  article-title: Modeling process-related RBAC models with extended UML activity models
  publication-title: Information and Software Technology
– reference: M. Strembeck, A role engineering tool for role-based access control, in: 3rd Symposium on Requirements Engineering for Information Security, 2005.
– reference: J. Crampton, A reference monitor for workflow systems with constrained task execution, in: 10th ACM Symposium on Access Control Models and Technologies (SACMAT), 2005, pp. 38–47.
– volume: 12
  start-page: 455
  year: 2003
  end-page: 485
  ident: b0065
  article-title: W-RBAC – a workflow security model incorporating controlled overriding of constraints
  publication-title: International Journal of Cooperative Information Systems
– reference: D. Kulkarni, A. Tripathi, Context-aware role-based access control in pervasive computing systems, in: 13th ACM Symposium on Access Control Models and Technologies (SACMAT), 2008, pp. 113–122.
– reference: M. Strembeck, J. Mendling, Generic algorithms for consistency checking of mutual-exclusion and binding constraints in a business process context, in: 18th International Conference on Cooperative Information Systems (CoopIS), 2010.
– reference: OASIS, Metadata for the OASIS Security Assertion Markup Language (SAML), 2005 <
– start-page: 267
  year: 2000
  end-page: 280
  ident: b0380
  article-title: On business process model transformations
  publication-title: 19th International Conference on Conceptual Modeling
– start-page: 51
  year: 2008
  end-page: 60
  ident: b0100
  article-title: Task-based entailment constraints for basic workflow patterns
  publication-title: 13th ACM Symposium on Access Control Models and Technologies (SACMAT)
– year: 2011
  ident: b0230
  article-title: Detecting and resolving conflicts of mutual-exclusion and binding constraints in a business process context
  publication-title: 19th International Conference on Cooperative Information Systems (CoopIS’11)
– start-page: 426
  year: 2002
  end-page: 441
  ident: b0375
  article-title: Secureuml: a uml-based modeling language for model-driven security
  publication-title: 5th International Conference on The Unified Modeling Language (UML’02)
– reference: S. Sendall, W. Kozaczynski, Model transformation: the heart and soul of model-driven software development, IEEE Software 20 (5) (2003).
– volume: 8
  start-page: 28
  year: 2010
  end-page: 35
  ident: b0060
  article-title: Scenario-driven role engineering
  publication-title: IEEE Security & Privacy
– reference: World Wide Web Consortium (W3C), XSL Transformations (XSLT) Version 2.0, 2007 <
– reference: W. Hummer, O. Raz, O. Shehory, P. Leitner, S. Dustdar, Test coverage of data-centric dynamic compositions in service-based systems, in: 4th International Conference on Software Testing, Verification and Validation (ICST), 2011, pp. 40–49.
– volume: 20
  start-page: 712
  year: 2007
  end-page: 727
  ident: b0040
  article-title: A framework for integrating sarbanes-oxley compliance into the systems development process
  publication-title: Communications of the Association for Information Systems (CAIS)
– reference: S. Marinovic, R. Craven, J. Ma, N. Dulay, Rumpole: a flexible break-glass access control model, in: 16th ACM Symposium on Access Control Models and Technologies (SACMAT), 2011.
– volume: 20
  start-page: 19
  year: 2003
  end-page: 25
  ident: b0115
  article-title: The pragmatics of model-driven development
  publication-title: IEEE Software
– year: 2013
  ident: b0430
  article-title: Supporting customized views for enforcing access control constraints in real-time collaborative web applications
  publication-title: 13th International Conference on Web Engineering (ICWE)
– reference: A. Mourad, S. Ayoubi, H. Yahyaoui, H. Otrok, New approach for the dynamic enforcement of Web services security, in: 8th International Conference on Privacy Security and Trust, 2010, pp. 189–196.
– reference: OASIS, Web Services Business Process Execution Language, 2007 <
– reference: W. Hummer, P. Leitner, S. Dustdar, WS-aggregation: distributed aggregation of web services data, in: ACM Symposium On Applied Computing (SAC), 2011.
– volume: 5
  start-page: 20
  year: 2008
  end-page: 43
  ident: b0335
  article-title: An access-control framework for WS-BPEL
  publication-title: International Journal of Web Services Research
– volume: 15
  start-page: 35
  year: 2004
  end-page: 41
  ident: b0035
  article-title: How does SOX change IT?
  publication-title: Journal of Corporate Accounting & Finance
– volume: 3
  start-page: 131
  year: 2010
  end-page: 144
  ident: b0300
  article-title: An integrated workbench for model-based engineering of service compositions
  publication-title: IEEE Transactions on Services Computing
– reference: W. Hummer, C. Inzinger, P. Leitner, B. Satzger, S. Dustdar, Deriving a unified fault taxonomy for event-based systems, in: 6th ACM International Conference on Distributed Event-Based Systems (DEBS’12), 2012.
– year: 2005
  ident: b0270
  article-title: Process Modeling using Event-Driven Process Chains
– reference: World Wide Web Consortium (W3C), XQuery 3.0: An XML Query Language, 2011 <
– volume: 13
  start-page: 40:1
  year: 2010
  end-page: 40:35
  ident: b0225
  article-title: Satisfiability and resiliency in workflow authorization systems
  publication-title: ACM Transactions on Information and System Security (TISSEC)
– volume: 7
  start-page: 392
  year: 2004
  end-page: 427
  ident: b0285
  article-title: An integrated approach to engineer and enforce context constraints in RBAC environments
  publication-title: ACM Transactions on Information and System Security
– volume: 2
  start-page: 14:1
  year: 2008
  end-page: 14:36
  ident: b0405
  article-title: An environment for flexible advanced compensations of web service transactions
  publication-title: ACM Transactions on the Web
– reference: A. Ferreira, R. Cruz-Correia, L. Antunes, P. Farinha, E. Oliveira-Palhares, D. Chadwick, A. Costa-Pereira, How to break access control in a controlled manner, in: 19th IEEE International Symposium on Computer-Based Medical Systems (CBMS), 2006, pp. 847–854.
– volume: 29
  start-page: 38
  year: 1996
  end-page: 47
  ident: b0050
  article-title: Role-based access control models
  publication-title: Computer
– reference: M. Jensen, S. Feja, A security modeling approach for web-service-based business processes, in: 16th Annual IEEE International Conference on the Engineering of Computer Based Systems (ECBS’09), 2009, pp. 340–347.
– reference: C. Inzinger, W. Hummer, B. Satzger, P. Leitner, S. Dustdar, Identifying incompatible service implementations using pooled decision trees, in: 28th ACM Symposium on Applied Computing (SAC), 2013, pp. 485–492.
– reference: World Wide Web Consortium, SOAP Messaging Framework, 2007 <
– reference: M. Memon, M. Hafner, R. Breu, SECTISSIMO: A Platform-independent Framework for Security Services, in: Modeling Security Workshop at MODELS ’08, 2008.
– volume: 1
  start-page: 113
  year: 2002
  end-page: 137
  ident: b0305
  article-title: The web service modeling framework WSMF
  publication-title: Electronic Commerce Research and Applications
– reference: M. Strembeck, U. Zdun, An approach for the systematic development of domain-specific languages, Software: Practice and Experience 39 (15) (2009).
– volume: 40
  start-page: 38
  year: 2007
  end-page: 45
  ident: b0015
  article-title: Service-oriented computing: state of the art and research challenges
  publication-title: IEEE Computer
– volume: 37
  start-page: 316
  year: 2005
  end-page: 344
  ident: b0125
  article-title: When and how to develop domain-specific languages
  publication-title: ACM Computing Surveys
– year: 2011
  ident: b0235
  article-title: Checking satisfiability aspects of binding constraints in a business process context
  publication-title: Workshop on Workflow Security Audit and Certification (WfSAC)
– reference: Object Management Group, Meta Object Facility (MOF) 2.0 Query/View/Transformation Specification (January 2011). URL:
– volume: 9
  start-page: 75
  year: 2005
  end-page: 81
  ident: b0010
  article-title: Service-oriented computing: key concepts and principles
  publication-title: IEEE Internet Computing
– reference: G. Kiczales, J. Lamping, A. Mendhekar, C. Maeda, C. Lopes, J.-M. Loingtier, J. Irwin, Aspect-oriented programming, in: European Conference on Object-Oriented Programming (ECOOP’97), 1997, pp. 220–242.
– reference: OASIS, Security Assertion Markup Language, March 2005 <
– reference: World Wide Web Consortium (W3C), Web services activity <
– volume: 40
  start-page: 666
  year: 2001
  end-page: 682
  ident: b0085
  article-title: Separation of duties for access control enforcement in workflow environments
  publication-title: IBM Systems Journal
– start-page: 326
  year: 2002
  end-page: 339
  ident: b0385
  article-title: A meta model for structured workflows supporting workflow transformations
  publication-title: 6th East European Conference on Advances in Databases and Information Systems (ADBIS’02)
– volume: 4
  start-page: 30
  year: 2006
  end-page: 37
  ident: b0030
  article-title: Compliance deconstructed
  publication-title: ACM Queue
– reference: OASIS, WS-SecurityPolicy 1.3, 2009 <
– reference: P. Gaubatz, U. Zdun, Supporting entailment constraints in the context of collaborative web applications, in: 28th Symposium on Applied Computing (SAC), ACM, 2013.
– volume: 39
  start-page: 25
  year: 2006
  end-page: 31
  ident: b0110
  article-title: Guest editor’s introduction: model-driven engineering
  publication-title: IEEE Computer
– volume: 4
  start-page: 253
  year: 2010
  end-page: 275
  ident: b0005
  article-title: The service-oriented metaphor deciphered
  publication-title: JCSE
– volume: 10
  start-page: 395
  year: 2011
  end-page: 409
  ident: b0370
  article-title: A transformation contract to generate aspects from access control policies
  publication-title: Software and Systems Modeling
– volume: 7
  start-page: 45
  year: 2003
  end-page: 52
  ident: b0295
  article-title: Model-driven trust negotiation for web services
  publication-title: IEEE Internet Computing
– reference: World Wide Web Consortium (W3C), XML Signature Syntax and Processing, 2008 <
– reference: >.
– reference: D. Clark, D. Wilson, A comparison of commercial and military computer security policiesi, in: IEEE Symposium on Security and Privacy, 1987.
– volume: 10
  start-page: 309
  year: 2007
  end-page: 344
  ident: b0365
  article-title: AO4BPEL: an aspect-oriented extension to BPEL
  publication-title: World Wide Web Journal – Special Issue: Recent Advances in Web Services
– start-page: 857
  year: 2012
  end-page: 868
  ident: b0220
  article-title: On the parameterized complexity of the workflow satisfiability problem
  publication-title: 19th ACM Conference on Computer and Communications Security (CCS)
– reference: W. Hummer, P. Gaubatz, M. Strembeck, U. Zdun, S. Dustdar, An integrated approach for identity and access management in a SOA context, in: 16th ACM Symposium on Access Control Models and Technologies (SACMAT), 2011, pp. 21–30.
– reference: .
– volume: vol. 3760
  start-page: 59
  year: 2005
  end-page: 76
  ident: b0400
  article-title: Balancing flexibility and security in adaptive process management systems
  publication-title: On the Move to Meaningful Internet Systems 2005: CoopIS, DOA, and ODBASE
– start-page: 1
  year: 2011
  ident: b0025
  article-title: Cost-based optimization of service compositions
  publication-title: IEEE Transactions on Services Computing
– reference: U. Zdun, M. Strembeck, Modeling composition in dynamic programming environments with model transformations, in: 5th International Symposium on Software Composition, 2006.
– reference: Object Management Group, UML 2.4.1 Superstructure, August 2011 <
– year: 2012
  ident: b0200
  article-title: A UML extension for the model-driven specification of audit rules
  publication-title: 2nd International Workshop on Information Systems Security Engineering (WISSE)
– reference: OASIS, eXtensible Access Control Markup Language, 2005 <
– volume: 3
  start-page: 60
  year: 2010
  end-page: 72
  ident: b0410
  article-title: Rule-based coordination of distributed web service transactions
  publication-title: IEEE Transactions on Services Computing
– volume: 55
  start-page: 211
  year: 2009
  end-page: 223
  ident: b0180
  article-title: Model-driven business process security requirement specification
  publication-title: Journal of Systems Architecture
– year: 2011
  ident: b0255
  article-title: Conformance checking of RBAC policies in process-aware information systems
  publication-title: BPM’11 Workshop on Workflow Security Audit and Certification (WfSAC)
– volume: 45
  start-page: 621
  year: 2006
  end-page: 645
  ident: b0350
  article-title: Feature-based survey of model transformation approaches
  publication-title: IBM Systems Journal – Model-Driven Software Development
– year: 2006
  ident: b0120
  article-title: Model-Driven Software Development
– volume: 152
  start-page: 125
  year: 2006
  end-page: 142
  ident: b0145
  article-title: A taxonomy of model transformation
  publication-title: Electronic Notes in Theoretical Computer Science
– volume: 11
  start-page: 4:1
  year: 2008
  end-page: 4:29
  ident: b0345
  article-title: XACML policy integration algorithms
  publication-title: ACM Transactions on Information and System Security
– reference: D. Lin, P. Rao, E. Bertino, N. Li, J. Lobo, Policy decomposition for collaborative access control, in: 13th ACM SACMAT, 2008, pp. 103–112.
– volume: 16
  start-page: 46
  year: 2001
  end-page: 53
  ident: b0310
  article-title: Semantic web services
  publication-title: IEEE Intelligent Systems
– volume: 15
  start-page: 39
  year: 2006
  end-page: 91
  ident: b0330
  article-title: Model driven security: from UML models to access control infrastructures
  publication-title: ACM Transactions on Software Engineering Methodology
– reference: N. Dimmock, A. Belokosztolszki, D. Eyers, J. Bacon, K. Moody, Using trust and risk in role-based access control policies, in: 9th ACM Symposium on Access Control Models and Technologies (SACMAT), 2004.
– ident: 10.1016/j.infsof.2013.05.001_b0185
– ident: 10.1016/j.infsof.2013.05.001_b0425
  doi: 10.1145/2480362.2480503
– volume: 56
  start-page: 91
  issue: 1
  year: 2001
  ident: 10.1016/j.infsof.2013.05.001_b0130
  article-title: Notable design patterns for domain-specific languages
  publication-title: Journal of Systems and Software
  doi: 10.1016/S0164-1212(00)00089-3
– volume: 13
  start-page: 40:1
  issue: 4
  year: 2010
  ident: 10.1016/j.infsof.2013.05.001_b0225
  article-title: Satisfiability and resiliency in workflow authorization systems
  publication-title: ACM Transactions on Information and System Security (TISSEC)
  doi: 10.1145/1880022.1880034
– ident: 10.1016/j.infsof.2013.05.001_b0275
– volume: 3
  start-page: 131
  issue: 2
  year: 2010
  ident: 10.1016/j.infsof.2013.05.001_b0300
  article-title: An integrated workbench for model-based engineering of service compositions
  publication-title: IEEE Transactions on Services Computing
  doi: 10.1109/TSC.2010.19
– volume: 20
  start-page: 712
  issue: 1
  year: 2007
  ident: 10.1016/j.infsof.2013.05.001_b0040
  article-title: A framework for integrating sarbanes-oxley compliance into the systems development process
  publication-title: Communications of the Association for Information Systems (CAIS)
– year: 2012
  ident: 10.1016/j.infsof.2013.05.001_b0200
  article-title: A UML extension for the model-driven specification of audit rules
– ident: 10.1016/j.infsof.2013.05.001_b0175
– volume: 55
  start-page: 211
  year: 2009
  ident: 10.1016/j.infsof.2013.05.001_b0180
  article-title: Model-driven business process security requirement specification
  publication-title: Journal of Systems Architecture
  doi: 10.1016/j.sysarc.2008.10.002
– ident: 10.1016/j.infsof.2013.05.001_b0215
  doi: 10.1145/1063979.1063986
– ident: 10.1016/j.infsof.2013.05.001_b0265
  doi: 10.1109/ECBS.2009.14
– ident: 10.1016/j.infsof.2013.05.001_b0075
  doi: 10.1109/SP.1987.10001
– start-page: 51
  year: 2008
  ident: 10.1016/j.infsof.2013.05.001_b0100
  article-title: Task-based entailment constraints for basic workflow patterns
– volume: 8
  start-page: 28
  issue: 1
  year: 2010
  ident: 10.1016/j.infsof.2013.05.001_b0060
  article-title: Scenario-driven role engineering
  publication-title: IEEE Security & Privacy
  doi: 10.1109/MSP.2010.46
– ident: 10.1016/j.infsof.2013.05.001_b0020
– year: 2011
  ident: 10.1016/j.infsof.2013.05.001_b0235
  article-title: Checking satisfiability aspects of binding constraints in a business process context
– start-page: 426
  year: 2002
  ident: 10.1016/j.infsof.2013.05.001_b0375
  article-title: Secureuml: a uml-based modeling language for model-driven security
– year: 2011
  ident: 10.1016/j.infsof.2013.05.001_b0255
  article-title: Conformance checking of RBAC policies in process-aware information systems
– start-page: 267
  year: 2000
  ident: 10.1016/j.infsof.2013.05.001_b0380
  article-title: On business process model transformations
– volume: 10
  start-page: 309
  year: 2007
  ident: 10.1016/j.infsof.2013.05.001_b0365
  article-title: AO4BPEL: an aspect-oriented extension to BPEL
  publication-title: World Wide Web Journal – Special Issue: Recent Advances in Web Services
  doi: 10.1007/s11280-006-0016-3
– ident: 10.1016/j.infsof.2013.05.001_b0390
  doi: 10.1109/ICST.2011.55
– ident: 10.1016/j.infsof.2013.05.001_b0165
– ident: 10.1016/j.infsof.2013.05.001_b0190
– volume: 40
  start-page: 666
  issue: 3
  year: 2001
  ident: 10.1016/j.infsof.2013.05.001_b0085
  article-title: Separation of duties for access control enforcement in workflow environments
  publication-title: IBM Systems Journal
  doi: 10.1147/sj.403.0666
– volume: 16
  start-page: 46
  issue: 2
  year: 2001
  ident: 10.1016/j.infsof.2013.05.001_b0310
  article-title: Semantic web services
  publication-title: IEEE Intelligent Systems
  doi: 10.1109/5254.920599
– ident: 10.1016/j.infsof.2013.05.001_b0140
  doi: 10.1002/spe.936
– volume: 45
  start-page: 621
  year: 2006
  ident: 10.1016/j.infsof.2013.05.001_b0350
  article-title: Feature-based survey of model transformation approaches
  publication-title: IBM Systems Journal – Model-Driven Software Development
– year: 2005
  ident: 10.1016/j.infsof.2013.05.001_b0270
– ident: 10.1016/j.infsof.2013.05.001_b0205
– year: 2013
  ident: 10.1016/j.infsof.2013.05.001_b0430
  article-title: Supporting customized views for enforcing access control constraints in real-time collaborative web applications
– ident: 10.1016/j.infsof.2013.05.001_b0395
  doi: 10.1145/2480362.2480456
– volume: 4
  start-page: 30
  issue: 7
  year: 2006
  ident: 10.1016/j.infsof.2013.05.001_b0030
  article-title: Compliance deconstructed
  publication-title: ACM Queue
  doi: 10.1145/1160434.1160449
– volume: 15
  start-page: 35
  issue: 6
  year: 2004
  ident: 10.1016/j.infsof.2013.05.001_b0035
  article-title: How does SOX change IT?
  publication-title: Journal of Corporate Accounting & Finance
  doi: 10.1002/jcaf.20054
– ident: 10.1016/j.infsof.2013.05.001_b0260
– ident: 10.1016/j.infsof.2013.05.001_b0280
  doi: 10.1145/1377836.1377854
– volume: 7
  start-page: 392
  issue: 3
  year: 2004
  ident: 10.1016/j.infsof.2013.05.001_b0285
  article-title: An integrated approach to engineer and enforce context constraints in RBAC environments
  publication-title: ACM Transactions on Information and System Security
  doi: 10.1145/1015040.1015043
– year: 2007
  ident: 10.1016/j.infsof.2013.05.001_b0045
– volume: 15
  start-page: 39
  year: 2006
  ident: 10.1016/j.infsof.2013.05.001_b0330
  article-title: Model driven security: from UML models to access control infrastructures
  publication-title: ACM Transactions on Software Engineering Methodology
  doi: 10.1145/1125808.1125810
– volume: 1
  start-page: 113
  issue: 2
  year: 2002
  ident: 10.1016/j.infsof.2013.05.001_b0305
  article-title: The web service modeling framework WSMF
  publication-title: Electronic Commerce Research and Applications
  doi: 10.1016/S1567-4223(02)00015-7
– volume: 12
  start-page: 455
  issue: 4
  year: 2003
  ident: 10.1016/j.infsof.2013.05.001_b0065
  article-title: W-RBAC – a workflow security model incorporating controlled overriding of constraints
  publication-title: International Journal of Cooperative Information Systems
  doi: 10.1142/S0218843003000814
– volume: 53
  start-page: 456
  issue: 5
  year: 2011
  ident: 10.1016/j.infsof.2013.05.001_b0070
  article-title: Modeling process-related RBAC models with extended UML activity models
  publication-title: Information and Software Technology
  doi: 10.1016/j.infsof.2010.11.015
– volume: 37
  start-page: 316
  issue: 4
  year: 2005
  ident: 10.1016/j.infsof.2013.05.001_b0125
  article-title: When and how to develop domain-specific languages
  publication-title: ACM Computing Surveys
  doi: 10.1145/1118890.1118892
– ident: 10.1016/j.infsof.2013.05.001_b0250
– ident: 10.1016/j.infsof.2013.05.001_b0290
  doi: 10.1145/990036.990062
– volume: vol. 3760
  start-page: 59
  year: 2005
  ident: 10.1016/j.infsof.2013.05.001_b0400
  article-title: Balancing flexibility and security in adaptive process management systems
– ident: 10.1016/j.infsof.2013.05.001_b0095
  doi: 10.1007/978-3-642-16934-2_16
– ident: 10.1016/j.infsof.2013.05.001_b0355
  doi: 10.1007/BFb0053381
– ident: 10.1016/j.infsof.2013.05.001_b0055
– ident: 10.1016/j.infsof.2013.05.001_b0135
– ident: 10.1016/j.infsof.2013.05.001_b0160
– volume: 40
  start-page: 38
  issue: 11
  year: 2007
  ident: 10.1016/j.infsof.2013.05.001_b0015
  article-title: Service-oriented computing: state of the art and research challenges
  publication-title: IEEE Computer
  doi: 10.1109/MC.2007.400
– volume: 20
  start-page: 19
  issue: 5
  year: 2003
  ident: 10.1016/j.infsof.2013.05.001_b0115
  article-title: The pragmatics of model-driven development
  publication-title: IEEE Software
  doi: 10.1109/MS.2003.1231146
– volume: 9
  start-page: 75
  year: 2005
  ident: 10.1016/j.infsof.2013.05.001_b0010
  article-title: Service-oriented computing: key concepts and principles
  publication-title: IEEE Internet Computing
  doi: 10.1109/MIC.2005.21
– ident: 10.1016/j.infsof.2013.05.001_b0090
– year: 2011
  ident: 10.1016/j.infsof.2013.05.001_b0230
  article-title: Detecting and resolving conflicts of mutual-exclusion and binding constraints in a business process context
– volume: 7
  start-page: 45
  year: 2003
  ident: 10.1016/j.infsof.2013.05.001_b0295
  article-title: Model-driven trust negotiation for web services
  publication-title: IEEE Internet Computing
  doi: 10.1109/MIC.2003.1250583
– ident: 10.1016/j.infsof.2013.05.001_b0320
– ident: 10.1016/j.infsof.2013.05.001_b0420
  doi: 10.1145/2335484.2335504
– ident: 10.1016/j.infsof.2013.05.001_b0315
  doi: 10.1007/978-3-642-21640-4_37
– volume: 8
  start-page: 46
  issue: 1
  year: 2004
  ident: 10.1016/j.infsof.2013.05.001_b0415
  article-title: Web service conversation modeling: a cornerstone for e-business automation
  publication-title: IEEE Internet Computing
  doi: 10.1109/MIC.2004.1260703
– year: 2006
  ident: 10.1016/j.infsof.2013.05.001_b0120
– ident: 10.1016/j.infsof.2013.05.001_b0105
  doi: 10.1145/1998441.1998446
– volume: 2
  start-page: 14:1
  issue: 2
  year: 2008
  ident: 10.1016/j.infsof.2013.05.001_b0405
  article-title: An environment for flexible advanced compensations of web service transactions
  publication-title: ACM Transactions on the Web
  doi: 10.1145/1346337.1346242
– start-page: 1
  issue: 99
  year: 2011
  ident: 10.1016/j.infsof.2013.05.001_b0025
  article-title: Cost-based optimization of service compositions
  publication-title: IEEE Transactions on Services Computing
– volume: 5
  start-page: 20
  issue: 3
  year: 2008
  ident: 10.1016/j.infsof.2013.05.001_b0335
  article-title: An access-control framework for WS-BPEL
  publication-title: International Journal of Web Services Research
  doi: 10.4018/jwsr.2008070102
– volume: 10
  start-page: 395
  year: 2011
  ident: 10.1016/j.infsof.2013.05.001_b0370
  article-title: A transformation contract to generate aspects from access control policies
  publication-title: Software and Systems Modeling
  doi: 10.1007/s10270-010-0156-x
– volume: 3
  start-page: 60
  issue: 1
  year: 2010
  ident: 10.1016/j.infsof.2013.05.001_b0410
  article-title: Rule-based coordination of distributed web service transactions
  publication-title: IEEE Transactions on Services Computing
  doi: 10.1109/TSC.2009.27
– ident: 10.1016/j.infsof.2013.05.001_b0155
  doi: 10.1007/11821946_12
– volume: 2
  start-page: 65
  issue: 1
  year: 1999
  ident: 10.1016/j.infsof.2013.05.001_b0080
  article-title: The specification and enforcement of authorization constraints in workflow management systems
  publication-title: ACM Transactions on Information and System Security
  doi: 10.1145/300830.300837
– ident: 10.1016/j.infsof.2013.05.001_b0245
  doi: 10.1145/1998441.1998453
– start-page: 326
  year: 2002
  ident: 10.1016/j.infsof.2013.05.001_b0385
  article-title: A meta model for structured workflows supporting workflow transformations
– ident: 10.1016/j.infsof.2013.05.001_b0325
  doi: 10.1145/1377836.1377853
– volume: 39
  start-page: 25
  issue: 2
  year: 2006
  ident: 10.1016/j.infsof.2013.05.001_b0110
  article-title: Guest editor’s introduction: model-driven engineering
  publication-title: IEEE Computer
  doi: 10.1109/MC.2006.58
– ident: 10.1016/j.infsof.2013.05.001_b0210
  doi: 10.1145/1982185.1982520
– volume: 4
  start-page: 253
  issue: 4
  year: 2010
  ident: 10.1016/j.infsof.2013.05.001_b0005
  article-title: The service-oriented metaphor deciphered
  publication-title: JCSE
  doi: 10.5626/JCSE.2010.4.4.253
– volume: 152
  start-page: 125
  year: 2006
  ident: 10.1016/j.infsof.2013.05.001_b0145
  article-title: A taxonomy of model transformation
  publication-title: Electronic Notes in Theoretical Computer Science
  doi: 10.1016/j.entcs.2005.10.021
– ident: 10.1016/j.infsof.2013.05.001_b0150
  doi: 10.1109/MS.2003.1231150
– volume: 11
  start-page: 4:1
  year: 2008
  ident: 10.1016/j.infsof.2013.05.001_b0345
  article-title: XACML policy integration algorithms
  publication-title: ACM Transactions on Information and System Security
  doi: 10.1145/1330295.1330299
– ident: 10.1016/j.infsof.2013.05.001_b0360
  doi: 10.1109/PST.2010.5593232
– ident: 10.1016/j.infsof.2013.05.001_b0170
– volume: 29
  start-page: 38
  issue: 2
  year: 1996
  ident: 10.1016/j.infsof.2013.05.001_b0050
  article-title: Role-based access control models
  publication-title: Computer
  doi: 10.1109/2.485845
– ident: 10.1016/j.infsof.2013.05.001_b0195
– start-page: 857
  year: 2012
  ident: 10.1016/j.infsof.2013.05.001_b0220
  article-title: On the parameterized complexity of the workflow satisfiability problem
– ident: 10.1016/j.infsof.2013.05.001_b0340
– ident: 10.1016/j.infsof.2013.05.001_b0240
  doi: 10.1109/CBMS.2006.95
SSID ssj0017030
Score 2.132177
Snippet A distributed business process is executed in a distributed computing environment. The service-oriented architecture (SOA) paradigm is a popular option for the...
A distributed business process is executed in a distributed computing environment. The service-oriented architecture paradigm is a popular option for the...
SourceID pubmedcentral
proquest
pubmed
crossref
elsevier
SourceType Open Access Repository
Aggregation Database
Index Database
Enrichment Source
Publisher
StartPage 1884
SubjectTerms Architecture (computers)
Business Process Execution Language
Business process management
Computer programs
Enforcement
Entailment constraints
Identity and access management
Prototypes
Service oriented architecture
Service-Oriented Architecture (SOA)
Software
Software services
Studies
Systems integration
WS-BPEL
Title Enforcement of entailment constraints in distributed service-based business processes
URI https://dx.doi.org/10.1016/j.infsof.2013.05.001
https://www.ncbi.nlm.nih.gov/pubmed/27667903
https://www.proquest.com/docview/1432864277
https://www.proquest.com/docview/1513445247
https://www.proquest.com/docview/1835372998
https://pubmed.ncbi.nlm.nih.gov/PMC4461153
Volume 55
hasFullText 1
inHoldings 1
isFullTextHit
isPrint
link http://utb.summon.serialssolutions.com/2.0.0/link/0/eLvHCXMwnV3da9RAEB9KBfFF_PZsLSv4Gm9vP7LJYyktp2Jf9KBvYb8OIyV3NNdX_3ZnspvQU7HgY5IJZGdnd36TnfkNwHsjNEbSwhVBSV4ovfZFXTtc7ujKKx9t5JIKnL9clsuV-nSlrw7gbKyFobTKvPenPX3YrfOdedbmfNu2868IDji6z5oOZBaJdlspQ1b-4eeU5rEgi058e7wg6bF8bsjxwknsNwORpxz4O3NrmL-4pz_h5-9ZlHfc0sUTeJzxJDtNn_wUDmL3DB6O6ezPYXVO9UZ--AnINmtGqeLt9XDlCRpSh4hdz9qOBaLQpe5XMbA-7SAF-bjAcqPKnm1TVUHsX8Dq4vzb2bLIrRQKr4XaYYAYEKdpzqORGMC5iKjIBh9kIJDgRM2jt8JZ7pyNVSgrr7l0xlVWc-_XSr6Ew27TxdfAqsphyLMOWqFnD2V01hsrhFOI3KyM9QzkqMHGZ55xGsx1MyaU_WiS3hvSe8M15dXNoJje2iaejXvkzTg5zZ69NOgK7nnzeJzLJq_XHgMgKSoMxYyZwbvpMa40Oj6xXdzcooxeSKVQnf-SQUBLB6F1NYNXyTym4QhTlqbmEj99z3AmAWL63n_Std8Hxm-M2RG5yzf_PegjeERXqYjyGA53N7fxLaKpnTsZlssJPDj9-Hl5-Quk1CGW
linkProvider Elsevier
linkToHtml http://utb.summon.serialssolutions.com/2.0.0/link/0/eLvHCXMwtV3JbtRAEC2FIAEXFNYMBGgkOJrp6cXLgQMKiSZkuZCRcjO9jXAUeUZ4IsSFn-IHqbLbFgOISEg52t223NW1vHLXAvAqExo9aWETryRPlJ67pCgsijua8twFE7ikBOfjk3Q6Ux_O9NkG_OhzYSisMur-Tqe32jreGUdqjpdVNf6I4ICj-SzoQGaCzBMjKw_Dt6_otzVvD97jJr8WYn_vdHeaxNYCidNCrdBh8ohbNOchk-jQ2IAowXjnpSejaUXBgzPCGm6tCblPc6e5tJnNjebOzZXE996AmwrVBbVNePN9iCuZkAh1Bf54Qp_X5-u1QWXINc2irRwq24KhsRfNX-zhn3j397DNX-zg_hbcjQCWvetodA82Qn0fbvXx8w9gtkcJTq7968gWc0ax6dVFe-UIi1JLilXDqpp5qtlL7baCZ02nshIyqp7FzpgNW3ZpDKF5CLNrIfAj2KwXddgGlucWfay51wqhhE-DNS4zQliFUNHIUIxA9hQsXSxsTou5KPsItvOyo3tJdC-5pkC-ESTDU8uusMcV87N-c8o1Bi3R9lzx5E6_l2VUEA16XFLk6Ptl2QheDsMo2nReY-qwuMQ5eiKVQnL-aw4iaDp5LfIRPO7YY1iOyNI0K7jET19jnGEClRZfH6mrz22JcYW0Rlv45L8X_QJuT0-Pj8qjg5PDp3CHRroMzh3YXH25DM8Qyq3s81Z0GHy6bln9CYo6XdI
openUrl ctx_ver=Z39.88-2004&ctx_enc=info%3Aofi%2Fenc%3AUTF-8&rfr_id=info%3Asid%2Fsummon.serialssolutions.com&rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Ajournal&rft.genre=article&rft.atitle=Enforcement+of+entailment+constraints+in+distributed+service-based+business+processes&rft.jtitle=Information+and+software+technology&rft.au=Hummer%2C+Waldemar&rft.au=Gaubatz%2C+Patrick&rft.au=Strembeck%2C+Mark&rft.au=Zdun%2C+Uwe&rft.date=2013-11-01&rft.issn=0950-5849&rft.volume=55&rft.issue=11&rft.spage=1884&rft_id=info:doi/10.1016%2Fj.infsof.2013.05.001&rft_id=info%3Apmid%2F27667903&rft.externalDocID=27667903
thumbnail_l http://covers-cdn.summon.serialssolutions.com/index.aspx?isbn=/lc.gif&issn=0950-5849&client=summon
thumbnail_m http://covers-cdn.summon.serialssolutions.com/index.aspx?isbn=/mc.gif&issn=0950-5849&client=summon
thumbnail_s http://covers-cdn.summon.serialssolutions.com/index.aspx?isbn=/sc.gif&issn=0950-5849&client=summon