Model Driven Security Framework for Definition ofSecurity Requirements for SOA Based ApplicationsAuthors: Muhammad Qaisar Saleem, Jafreezal Jaafar, and Mohd Fadzil HassanAn ICCAIE Publication

Presented by Raef Mousheimish

Overview

• Background– Service oriented architecture

• Web Services– Model Driven Software Development

• Model Driven Security• Current MDS Approaches

– Frameworks– Problems

• Proposed MDS Framework– Case study

• Conclusion & Future Works• References

Service Oriented Architecture (SOA)

• The SOA is the dominant paradigm nowadays when building business application

• It facilitates the merging of

Business

IT DomainSOA

Functional Business Application

Web Services (WSs)

• When applying the SOA on the Web, WSs are the primary concepts.

• Business Process = distributed and collaborative WSs

Business Process

- Organizational assets and resources- Different security infrastructure

Model Driven Software Development (MDSD)

PIM PSM ISM

Modeling Languages:

Model Driven Security (MDS)

• The research community projected the MDSD to the security domain

• They created the MDS frameworks • MDS frameworks are considered an

acceptable and an applicable solution to adopt in the SOA

• Extend the modeling languages to add security concepts to the model

The Application model

PIMAnd the Security Goals

Typical MDS illustration

1. Security Goals in the Business Requirement Analysis

2. Security intents when modeling at the PIM level

3. The concrete security configuration at the PSM level

CURRENT MDS APPROACHES

• Hafner et al. [1]• Memon et al. [2]• Wolter et al. [3]

Hafner et al. [1]

ISM

PSM

PIM

• It’s called SECTEC• Security Objectives: Access

Rights (Authentication and Authorization)

• Security Annotation are at the PIM level integrated with the application model

• Adopt OMG’s MDE approach

Memon et al. [2]

ISM

PSM

PIM

• It’s called SECTTISSIMO• Extension for the SECTEC

framework• Security Objectives: Access

Rights (Authentication and Authorization), non-repudiation, right delegation, single sign-on privacy, and auditing.

• Security Annotation are at the PIM level but in a different sub-layer from the application model

Abstract Security Service Model

Application model

Wolter et al. [3]

• Detailed discussion about the different abstract security concepts, e.g. confidentiality, auditing, availability…

• Developed security policy for the all the aforementioned security concepts

• The first aim of the framework is the secure interaction between objects, and the necessary information to be stored about these interactions

• A new level of abstraction is introduced. i.e. the Computational independent model (CIM)

ISM

PSM

PIM

CIM

Problems in the Current MDS Approaches• No Sufficient information to generate

an enforceable security configuration• Security experts and business

experts have different understandings on the notion of security, e.g. :– Business experts: just authorization– Security experts: certificate based

authorization, four-eyes-principle, break-glass policy…

The Proposed MDS framework• Business process expert will

define the security goals along with the business process modeling

• The security information must be sufficient for the security expert to:

• Model security solution for the system

• Perform some tool-supported transformation to generate the executable artifacts

• Security Objectives: use identity information and associated rights, information on different forms, service function

Case Study: OnlineStudent Information System

• Collaborating services (Accounting, Registration and examination departments)

• Security concepts must be represented and annotated with the application model at the PIM level

• After studying the security requirements of the system, the authors got this model

Conclusion & Future Works

• Conclusions:– The Incorporation of security

requirements into early stages of software development will improve the security

– Must break the misunderstandings between the business and the security experts

• Future Works:– Development of a Domain Specific

Language (DSL) for the proposed MDS, to help business experts to annotate more semantically the security requirements of a specific domain

Critics• The authors highlighted the problems

of the current approaches but they didn’t resolve it at all– The misunderstandings between domain

experts are never addressed– The authors didn’t show how this MDS

framework provides sufficient security information:

• Than the other frameworks• To generate a enforceable security

configuration

• They said that they are going to use the BPMN modeling language and they didn’t

• They use indifferently the two concepts: non-repudiation and availability

References

1. Michal Hafner, R.B., Berthold Agreiter, SECTET: an extensible framework for the realization of secure inter-organizational workflows. Emeral Internet Research, 2006. Vol.16 No. 5,2006: p. pp.491-506.

2. Memom, M., M. Hafner, and R. Breu, SECTISSIMO: A Platform-independent Framework for Security Services. MODSEC08 Modeling Security Workshop, 2008.

3. Wolter, C., et al., Model-driven business process security requirement specification. J. Syst. Archit., 2009. 55(4): p. 211-223.

THANK YOU

Presented by Raef Mousheimish