Di Wu,Yabo Dong,Jian Lin,Miaoliang Zhu

DOI: https://doi.org/10.1007/11563952_52

2005-01-01

Abstract:The fast development of E-Commerce and information technology brings much higher requirements for enterprise informationization. Because of the differences in platforms, development languages and standards etc, enterprise application integration (EAI) has become the important form of enterprise informationization to support complex business processes. Web services have emerged as the next generation of integration technology which provides the power to support interoperability. However EAI doesn’t just present new interoperability challenges; it also presents serious privacy and security challenges. This paper presents security architecture of Web Services based EAI which uses distributed Single Sign On authentication and distributed Role-based Access Control authorization. The basic concept and prototype system of the security architecture are described in detail.

Xiaoyang He,Jingang Guo,Yasha Wang,Ying Guo

DOI: https://doi.org/10.1109/apsec.2009.48

2009-01-01

Abstract:A lot of knowledge has been accumulated and documented in the form of process models, standards, best practices, etc. The knowledge tells how a high quality software process should look like, in other words, which constrains should be fulfilled by a software process to assure high quality software products. Compliance checking for a predefined process against proper constrains is helpful to quality assurance. Checking the compliance of an actual performed process against some constrains is also helpful to process improvement. Manual compliance checking is time-consuming and error-prone, especially for large and complex processes. In this paper, we record the process knowledge by means of process pattern. We provide an automatic compliance checking approach for process models against constrains defined in process patterns. Checking results indicate where and which constrains are violated, and therefore suggests the focuses of future process improvement. We have applied this approach in three real projects and the experimental results are also presented.

Ye Tang,Zhang Shen-Sheng,Lei Li,Zhang Jing-Yi

DOI: https://doi.org/10.1007/978-3-540-30501-9_70

2004-01-01

Abstract:The inconvenience and security risks arose from multi-system security functions are firstly analyzed as well as the limitation of Single Sign On. All kinds of methods to implement the integration of application system security functions are studied. Based on them the omnipotent integration technology for application system security functions (OITASSF) is brought forward. It employs intelligent agent combined with smart card to implement the interaction with application system security function instead of person. The technology has the characteristics of wide applicability, high agility, strong stability and good scalability. At last its simple implementation example is illustrated.

Na Luo,Weimin Zhong,Feng Wan,Zhencheng Ye,Feng Qian

DOI: https://doi.org/10.1016/j.cjche.2014.09.047

IF: 3.8

2015-01-01

Chinese Journal of Chemical Engineering

Abstract:In reality, traditional process control system built upon centralized and hierarchical structures presents a weak response to change and is easy to shut down by single failure. Aiming at these problems, a new agent-based service-oriented integration architecture was proposed for chemical process automation system. Web services were dynamically orchestrated on the internet and agent behaviors were built in them. Data analysis, model, optimization, control, fault diagnosis and so on were capsuled into different web services. Agents were used for service compositions by negotiation. A prototype system of poly(ethylene terephthalate) process automation was used as the case study to demonstrate the validation of the integration.

engineering, chemical

Maria Leitner,Zhendong Ma,Stefanie Rinderle-Ma

DOI: https://doi.org/10.48550/arXiv.1507.03415

2015-07-13

Cryptography and Security

Abstract:Information security in Process-aware Information System (PAIS) relies on many factors, including security of business process and the underlying system and technologies. Moreover, humans can be the weakest link that creates pathway to vulnerabilities, or the worst enemy that compromises a well-defended system. Since a system is as secure as its weakest link, information security can only be achieved in PAIS if all factors are secure. In this paper, we address two research questions: how to conduct a cross-layer security analysis that couple security concerns at business process layer as well as at the technical layer; and how to include human factor into the security analysis for the identification of human-oriented vulnerabilities and threats. We propose a methodology that supports the tracking of security interdependencies between functional, technical, and human aspects which contribute to establish a holistic approach to information security in PAIS. We demonstrate the applicability with a scenario from the payment card industry.

Ye Tang,ShenSheng Zhang

2005-01-01

Journal of Computational Information Systems

Abstract:Isolated security functions in multiple application systems bring user inconvenience, which indirectly makes enterprise's information assets at risk. Single Sign On and Kerberos may be two solutions, but they have some instinctive limitation. This study presents all kinds of approaches to implement application system security functions integration. By comparing them, a novel technology-agile heterogeneous security function integration in application level (AHSFIAL) is proposed to build a user-optimized security operation efficiently. It employs intelligent security agent combining with smart card to accomplish interaction with application system security functions, and it integrates security functions rapidly. The framework, main implementation, and algorithm of the technology are presented in detail.

Nan Sang,Xinyong Wu,GuangZe Xiong

2004-01-01

Journal of Information and Computational Science

Abstract:Resolution of integration of multi security policies plays an important role in secure-critical computer systems which support multi security policies. In this paper, a security state transition model is built by means of formal method, the different effects resulting from security-depended actions of different policies on security states is analyzed and a new approach to solve the integration and consistency of multi-policies is presented.

Abdul Hadi bin Abdul Rahman,Abdullah Nazir,Kim Tae Hyun,Tan Horng Yarng,Fatima-tuz-Zahra

DOI: https://doi.org/10.48550/arXiv.2012.10881

2020-12-20

Software Engineering

Abstract:Secure development process is a procedure taken by developers to ensure the programs developed are following the general security standards and will always be up to date so that the outcomes are well secured and obedient. As a software developer, it is very crucial to implement and develop a highly secured and reliable program for clients and users. In this current digital world where everything is advancing faster than we can ever think of, most of the old security policies can no longer be implemented alone. The consequences and impacts that could be brought upon a company are really huge if the software applications are not secured according to the modern trend. Therefore, in this paper research is done to asses the security integration in software development process. The concept and the purpose of this research is to provide insight about the current issues and challenges faced by most of the software developers in terms of secure software development. With a better and clearer explanation of these issues, challenges, and methodologies adopted to overcome them are discussed which can potentially provide a better and higher level of security along with better software programmers and client relationship. To comply with future demands and threats, security concerns need to be involved in all phases while developing a software system. Therefore, an effort is made to investigate and contribute to this domain through this paper.

Sg Deng,Zh Wu,Z Yu,Lc Huang

DOI: https://doi.org/10.1007/978-3-540-24685-5_106

2004-01-01

Abstract:Encapsulating processes into process-services is a hot topic nowadays. Time management is an important issue for service providers to ensure the successful execution of process-services, and time information is also concerned by process-service consumers. Due to the security and secrecy factors in businesses, service providers are not willing to publish all information in process-services out. Thus process-services present as black boxes with only interfaces to consumers. As a result it is hard for consumers to engage in time management. We propose a secure process-service model, in which a process-service is divided into a public part and a private part.

Chen Zhao,Yang Chen,Dawei Xu,NuerMaimaiti Heilili,Zuoquan Lin

DOI: https://doi.org/10.1007/11563952_54

2005-01-01

Abstract:In enterprise environment, security becomes increasingly important and costly. Enterprises are struggling to protect the increasing amount of disparate resources. Simple patchwork of security controls no longer suffices. Enterprises require a comprehensive solution that provides centralized security management, from authentication, to authorization and to auditing. To this end, we present a design and implementation of an integrative security management solution for Web-based enterprise applications, WebDaemon. It provides Single Sign-On to multiple Web applications. It also provides restricted access to Web-based content, portals, and Web applications based on Role-Based Access Control (RBAC) policies. The WebDaemon can help enterprises secure all Web resources with consistency of policy management and reduced administrative costs.

Giedre Sabaliauskaite,Jin Cui

Abstract:—Safety and security are two inter-dependent key properties of autonomous vehicles. They are aimed at protecting the vehicles from accidental failures and intentional attacks, which could lead to injuries and loss of lives. The selection of safety and security countermeasures for autonomous vehicles depends on the driving automation levels, defined by the international standard SAE J3016. However, current vehicle safety standards ISO 26262 do not take the driving automation levels into consideration. We propose an approach for integrating autonomous vehicle safety and security processes, which is compliant with the international standards SAE J3016, SAE J3061, and ISO 26262, and which considers driving automation levels. It uses the Six-Step Model as a backbone for achieving integration and alignment among safety and security processes and artefacts. The Six-Step Model incorporates six hierarchies of autonomous vehicles, namely, functions, structure, failures, attack, safety countermeasures, and security countermeasures. It ensures the consistency among these hierarchies throughout the entire autonomous vehicle’s life-cycle.

Engineering,Environmental Science,Computer Science

Hongxin Li,Yushun Fan,Catherine Dunne,Paolo Pedrazzoli

DOI: https://doi.org/10.1080/0951192052000288279

IF: 4.1

2005-01-01

International Journal of Computer Integrated Manufacturing

Abstract:Collaborative product development is a growing trend as companies seek worldwide opportunities to extend their market as well as small- and medium-sized engineering enterprises concentrate on their core competences. Internet and Web technology facilitates the information sharing and exchange among widely distributed collaboration partners, but the integration of business processes with the support of Web-based applications is the final goal because business processes represent the knowledge of how to reach the collaboration goals. The research results presented in this paper concern business process integration developed as part of the Europe-China project called DRAGON, which aims to develop an Engineering Portal to support collaborative product development. The reference business processes are extracted from the questionnaires completed by specially selected collaboration companies from Europe and China. The constraints, the needed functionalities of the engineering portal, of the whole collaborative product development process are analysed with IDEF0. The emphases in business process integration are put on the application of concurrent engineering principle and workflow management technology. Information integration is ensured by sharing a STEP-based product model and mapping STEP model to XML data. The solution for the coordination problem of a product development team is based on workflow management technology.

Cong Sun,Ning Xi,Jinku Li,Qingsong Yao,Jianfeng Ma

DOI: https://doi.org/10.1109/APSEC.2014.60

2014-01-01

Abstract:Information flow security has been considered as a critical requirement on software systems, especially when heterogeneous components from different parties cooperate to achieve end-to-end enforcement on data confidentiality. Enforcing the information flow security properties on complicated systems faces a great challenge because the properties cannot be preserved under composition and most of the current approaches are not scalable enough. To address this problem, there have been several recent efforts on the compositional information flow analyses developed for different abstraction levels. But these approaches have rarely been considered to incorporate with the process of system design. Integrating the security enforcement with the model-based development process can provide the designer with ability to verify information flow security in the early stage of system development. We propose a compositional information flow verification which is integrated with model-based system design in Sys ML by an automated model translation from semi-formal behavior and structure models to interface automata. Our compositional approach is general to support the complex security lattices and a variety of in distinguish ability relations. The evaluation results show the usability of our approach on practical system designs and the scalability of the compositional verification.

Meng Jiao Shen,Guo Ping Rong,Dong Shao

DOI: https://doi.org/10.4028/www.scientific.net/amr.765-767.1697

2013-01-01

Abstract:At present, software process integration is a hot research issue which aims to improve software development. Thus, our team was organized to research this topic and proposed a cube for integration among different Classifications of processes. Nearly two years ago, we chose the integration of PSP and Agile process as our first sub-direction and showed some conclusions in [1. During the past two years, we got more findings in the research guided by systematic review method. As we all know that, agile process is a light-weight development process which is useful for managing unexpected changes while PSP is a typical plan-driven process which provides a disciplined way to develop software. Although they are distinct from each other, we find that PSP and agile process could complement each other.

Cheng Wang,Jing Wu,Qirui Peng,Qing Li

DOI: https://doi.org/10.1109/SOSE.2010.15

2010-01-01

Abstract:Nowadays, large scale business groups are facing the problems of heterogeneous systems interoperation, among which legacy systems interface standardization, secure cross-domain access and flexibility are three major issues to be solved. Current academic solutions either lack of security consideration or remain as prototypes in laboratories. Industry practices usually tend to abandon all legacy systems to set up a whole solution. In the presented approach, however, a platform with the Service Access Agent (SAA) framework is offered, under which we realize secure cross-domain interoperation of Web services as well as SAA based service orchestration. Some realization details are also described to offer a whole picture.

Yuan Shuhong,Zhu Miaoliang,Yun Xia,Wu Di

DOI: https://doi.org/10.3969/j.issn.1000-386X.2008.01.048

2008-01-01

Abstract:Traditional Enterprise Application Integration(EAI) solutions lacking the support of the united standard have difficulties in resolving the main security problems such as authentication and authorization.To solve these problems,a brand new application integration security architecture based on Web Services WSSA-EAI is proposed.Web Services are applied to create general access interface,and SSO(Single Sign On) authentication and RBAC(Role-based Access Control)authorization are combined.A united EAI security architecture which is easy for maintenance is presented..

Hao Zeng,Dianfu Ma,Yongwang Zhao,Zhuqing Li

DOI: https://doi.org/10.1007/s11761-013-0143-5

2013-01-01

Abstract:Due to the dynamic, heterogeneous and interorganizational nature, different web services and different ports or operations in the same service, even the same services at different times may have their different security requirements because of their different security domains and different business backgrounds. How to design a flexible, fine-grained and comprehensive architecture for web services security processing has become a matter of great urgency. However, no ideal solutions have been worked out for these problems. As a result of our study, we have presented in this paper a policy-based architecture termed policy-based architecture for web services security processing (PBA4WSSP) to meet the dynamic, complete and fine-grained security requirements. In PBA4WSSP, the processing of all security problems is based on security policy in service stage to support flexibly security configuration. Moreover, we have designed a service policy model to describe the fine-grained security requirements. And the conversion method between security policy model and security policy expression has also been described. In addition, a staged complete security processing architecture is provided to reduce the dependency among protocol implementations. Furthermore, with PBA4WSSP, a web service security module has been designed and implemented as well. Eventually, the performance evaluation results amply demonstrate that our system is flexible and usable.

Lirong Dai,Yan Bai

DOI: https://doi.org/10.1109/SSIRI.2011.25

2011-01-01

Abstract:Enterprises security is a complex problem. Pure technology-driven development methods are not sufficient to solve a broad range of enterprise security issues. This paper analyzes the complexity of enterprise security and proposes an organization-driven approach for the problem. The approach combines a set of Unified Modeling Language-based approaches to bridge the gap between enterprise security architecture models and security application development models. It allows an enterprise to coordinate security resources from an enterprise point of view, and develop security applications systematically and efficiently. A comprehensive case study is conducted to illustrate the approach. The study shows through the refinement of enterprise security goals, both software goals and software requirements for a security application can be obtained. In particular, a security application is built to support the specification and automated verification of separation of duty access policies using the Object Constraint Language and formal method Alloy.

Mingdong Wang,Liping Zhao,Hejun Zhu

2003-01-01

Abstract:After analyzing the future of Agile Virtual Enterprise and application deficiencies of traditional SPC, the architecture and function structure of integration quality control system of SPC based on the web are given and discussed in this paper. The Web workflow is adopted to control the production quality of extended enterprises and internal enterprises intelligently in coordination. The control of SPC statistical procedure, pattern recognition of control chart and analysis & diagnosis of fault reasons are combined together to achieve automatic and continuous running of control, identification and diagnosis. The primary function modules are designed as components and encapsulated toolkits, which makes the call of Web workflow convenient. In addition the problem of quality control in the multi-species and few-batch production is solved through the method of Bayes Dynamic Predict, which establishes the basis of cooperated quality control of Agile Virtual Enterprises.

Di Lu,Ruidong Han,Yue Wang,Yongzhi Wang,Xuewen Dong,Xindi Ma,Teng Li,Jianfeng Ma

DOI: https://doi.org/10.1016/j.cose.2020.101922

2020-10-01

Abstract:<p>To achieve more powerful task processing capabilities, the smart embedded systems (SES) are interconnected via wireless network to form a collaboration system. However, due to the limitations on system hardware, the SES device are usually built with the consideration of software functions instead of enough security mechanisms, that exposes the SESs under the security threats from malware or malicious users, such as software or data tampering. To address this issue, a Trusted Platform Module (TPM) is brought in the SES device to guarantee the integrity of the system, with which any unauthorized modifications towards the SES system can be detected by measurement operations of TPM. However, from the perspective of the external visitors, a SES collaboration network performs as a complete system. Thus, to unify the root-of-trust of the network, all the TPMs need to be integrated into a logical one, which can provide more efficient way to attest the external visitors. This brings two distinct advantages: 1) any nodes of the network can be the access node for the visitor, and 2) once a visitor has been successfully attested, it can access the network via any nodes without extra attestation. To achieve TPM integration, we have proposed five protocols to orchestrate the distributed TPMs, including <em>Synchronization Protocol (SYNP), Node Accessing Protocol (NAP), Crossing-Node Access Protocol (CNAP), Updating Protocol (UPDP)</em> and <em>Node-Removing Protocol (NRP)</em>. We have built a prototype system composed of Raspberry Pis and Infineon TPM2.0 chips, in which these protocols are implemented and deployed. Then, we evaluate the protocols' performance on time consumption, and the results show the feasibility and availability of these protocols. Finally, our analysis on experimental results gives the guidance for appropriate use of these protocols.</p>

computer science, information systems