A Framework for Model Driven Security
The SECTET framework supports
business partners during the development and distributed management of decentralized peer-to-peer scenarios. Primarily developed for the realization of decentralized, security critical collaboration across domain boundaries — so-called inter-organizational
workflows, it realizes a domain architecture aiming at the correct technical implementation
of domain-level security requirements. It consists of three core components:
- Security Modeling. The modeling component supports the collaborative specification
of a scenario at the abstract level in a platform independent context. The component
implements an intuitive domain specific language, which is rendered in a visual
language based on UML2 for various modeling tools. The modeling occurs at a level of
abstraction appropriate to bridge the gap between domain experts on one side and engineers
on the other side, roles chiefly involved in two different phases of the engineering
process — the requirements engineering and the design phase respectively.
- Code Generation & Model Transformation. Model information is translated
it into platform independent models (PIM) based on security patterns and protocols
enforcing security requirements. The PIMs are refined into platform specific models of
various granularity until they can be mapped into configuration code for the components
of the target architecture.
- Web services Based Reference Architecture. The architecure specifies a Web
services based target runtime environment for local executable workflows and back-end
services at the partner node. The workflow and security components implement a set of
workflow and security technologies based on XML- and Web services technology. The architectural blueprint of the Reference Archtiecure is based on the idea of security services transposing the model of Software as a
Service to the security domain and thereby realizes Security.