[Back]


Publications in Scientific Journals:

W. Hummer, P. Gaubatz, M. Strembeck, U. Zdun, S. Dustdar:
"Enforcement of entailment constraints in distributed service-based business processes";
Information and Software Technology, Volume 55 (2013), Issue 11; 1884 - 1903.



English abstract:
Context: A distributed business process is executed in a distributed computing environment. The serviceoriented architecture (SOA) paradigm is a popular option for the integration of software services and execution of distributed business processes. Entailment constraints, such as mutual exclusion and binding constraints, are important means to control process execution. Mutually exclusive tasks result from the division of powerful rights and responsibilities to prevent fraud and abuse. In contrast, binding constraints define that a subject who performed one task must also perform the corresponding bound task(s).
Objective: We aim to provide a model-driven approach for the specification and enforcement of taskbased entailment constraints in distributed service-based business processes. Method: Based on a generic metamodel, we define a domain-specific language (DSL) that maps the different modeling-level artifacts to the implementation-level. The DSL integrates elements from role-based access control (RBAC) with the tasks that are performed in a business process. Process definitions are annotated using the DSL, and our software platform uses automated model transformations to produce executable WS-BPEL specifications which enforce the entailment constraints. We evaluate the impact of constraint enforcement on runtime performance for five selected service-based processes from existing literature.
Results: Our evaluation demonstrates that the approach correctly enforces task-based entailment constraints at runtime. The performance experiments illustrate that the runtime enforcement operates with an overhead that scales well up to the order of several ten thousand logged invocations. Using our DSL annotations, the user-defined process definition remains declarative and clean of security enforcement code.
Conclusion: Our approach decouples the concerns of (non-technical) domain experts from technical details of entailment constraint enforcement. The developed framework integrates seamlessly with
WS-BPEL and the Web services technology stack. Our prototype implementation shows the feasibility of the approach, and the evaluation points to future work and further performance optimizations.


Related Projects:
Project Head Schahram Dustdar:
Erweiterte Diagnose und Testen für SOAs - Audit 4 SOAs

Project Head Schahram Dustdar:
INDENICA


Created from the Publication Database of the Vienna University of Technology.