CIn - Centro de Informática UFPE

Eventos Relacionados

Defesa de tese de Doutorado n.171: "Towards Automation of Security-aware SOA-based Business Processes"

A pesquisa será defendida pelo aluno Fernando Lins, no dia 22/06, às14h, na sala D226, no CIn Início: 22/06/2012 às 14:00 Término: 22/06/2012 às 18:00 Local: D226

Pós-Graduação em Ciência da Computação – UFPE
Defesa de Tese de Doutorado Nº 171

Aluno: Fernando Antonio Aires Lins
Orientador: Prof. Nelson Souto Rosa
Título: Towards Automation of Security-aware SOA-based Business Processes
Data: 22/06/2012
Hora/Local: 14:00h – Sala D226
Banca Examinadora:
Prof. Vinicius Cardoso Garcia  (CIn / UFPE)
Prof. Djamel Fawzi Hadj Sadok  (CIn / UFPE)
Prof. Maria Lencastre Pinheiro de Menezes Cruz  (Escola Politécnica / UPE))
Prof. Nabor das Chagas Mendonça(Centro de Ciências Tecnológicas/ UNIFOR)
Prof. Ricardo José Rabelo  (Depto. de Automação e Sistemas/ UFSC)


The adoption of business processes to model and design business activities is becoming a reality to a significant number of companies. Meanwhile, the Service-Oriented Architecture (SOA) is being widely adopted for business processes execution. SOA allows collaboration between partner companies and communities. In this context, security appears with a high importance, because sensitive data sent over the Internet between different service providers may be accessed by unauthorized persons. Other relevant security issues (e.g., related to authentication and data integrity) also appear in this context. To prevent security problems, users may want to define security requirements that must be enforced in essential tasks of the business process (e.g., tasks related to credit card payment). This fact leads to the need of incorporating security elements into business processes. Existing solutions generally focus on the business process automation or the security automation, not both. In this work, we present a solution named BPA-Sec, which incorporates security requirements into the business process automation. In BPA-Sec, business and security requirements can be specified at the business level, translated into executable artifacts, deployed in execution-level tools and enforced at runtime. The service composition that realizes the business process is generated following the WS-BPEL standard, whilst the generated security artifacts are compliant with WS-SecurityPolicy. An illustrative scenario is presented to showcase the proposed solution. BPA-Sec was also compared to existing academic/commercial tools through metrics related to the quality of generated artifacts.
Palavras-chave: Business Process, Web Services, Security, Service Composition, Automation 
  • © Centro de Informática UFPE - Todos os direitos reservados
    Tel +55 81 2126.8430 - Cidade Universitária - 50740-560 - Recife/PE
Plano4 Consultoria Web