Title: Towards CIM to PIM transformation: from Secure Business Processes defined by BPMN to Use Cases
15th International Conference on Business Process
Management 24-28 September 2007
BrisbaneAustralia
- Towards CIM to PIM transformation from Secure
Business Processes defined by BPMN to Use Cases
Alfonso Rodríguez University of
Bio-Bio, Chile alfonso_at_ubiobio.cl
Eduardo Fernández-Medina and Mario
Piattini University of Castilla-La Mancha,
Spain Eduardo.FdezMedina, Mario.Piattini_at_uclm.e
s
2Outline
- Introduction
- Security in Business Process
- CIM to PIM Transformations
- Example
- Conclusions
3Business Processes are important
1. Introduction
2. Security in BP
Outline
3. Transformation
4. Example
5. Conclusions
- Business processes are a good answer
- to the complexity of an environment
- the speed required by new products and
- the growing number of actors involved in
activities of an organization.
4Security is important for enterprises
1. Introduction
2. Security in BP
Outline
3. Transformation
4. Example
5. Conclusions
- The introduction of electronic commerce, with the
intensive use of communications and information
technologies, implies that enterprises not only
expand their businesses but also increase their
vulnerability - Although the importance of business process
security is widely accepted, the business analyst
perspective in relation to security has hardly
been dealt - Identification of security requirements is,
usually, somewhat confused. However they are, in
general, identified as functional security
requirements - Functional security requirements varies according
to application types - Quite the opposite, security requirements do not
vary at a high level of abstraction
(Firesmith, 2004)
5Business Processes are useful from the business
and software viewpoint
1. Introduction
2. Security in BP
Outline
3. Transformation
4. Example
5. Conclusions
- In previous work we introduced security
representation into business processes. For this,
we extended the BPMN-BPD - BPSec-Profile was created to allow to capture a
set of security requirements which had been
expressed by the business analyst - BPMN-BPD and BPSec-Profile allow to define a
Secure Business Process (SBP) - A SBP that is built by a business analyst is
- useful in the specific business field
- also very useful in a process of software
construction
6Transformations
1. Introduction
2. Security in BP
Outline
3. Transformation
4. Example
5. Conclusions
- In order to obtain more concrete models we may
apply proper transformations - Model transformation is focused on solving
problems of time, cost and quality associated
with software creation. - For this the Object Management Group (OMG) have
two proposals - Model Driven Architecture (MDA) which is a
framework for software development - Query/View/Transformations (QVT) which is a
standard for model transformation
7In a nutshell
1. Introduction
2. Security in BP
Outline
3. Transformation
4. Example
5. Conclusions
Model Driven Architecture
Unified Process (disciplines)
Our Proposal
Secure Business Process Model
BPMN-BPD
Computation Independent Model
C I M
Business Modeling
BPSec Profile
C2P transformations
QVT Rules
Checklist
Refinement rules
Platform Independent Model
P I M
UML Analysis-Level Classes
UML Use Cases
Requirement Analysis Design
Platform Specific Model
P S M
State Diagram Package Diagram (Java/J2EE,
.NET, CORBA)
Implementation
8Security Requirement
1. Introduction
2. Security in BP
Outline
3. Transformation
4. Example
5. Conclusions
- Access Control It establishes the need to define
and/or intensify the access control mechanisms to
restrict access to certain components in an
activity diagram - Attack Harm Detection It indicates the degree to
which the attempt or success of attacks or
damages is detected, registered and notified - Non repudiation It establishes the need to avoid
the denial of any aspect of the interaction - Integrity It establishes the degree of
protection of intentional and non authorized
corruption for components - Privacy It indicates the degree to which non
authorized parts are avoided to obtain sensitive
information
Firesmith, D. Specifying Reusable Security
Requirements (2004)
9BPSec-Profile and BPMN-BPD elements
1. Introduction
2. Security in BP
Outline
3. Transformation
4. Example
5. Conclusions
10Patient Admissions
1. Introduction
2. Security in BP
Outline
3. Transformation
4. Example
5. Conclusions
Privacy (anonymity)
Non Repudiation
Access Control
11C2P Transformations QVT Rules
1. Introduction
2. Security in BP
Outline
3. Transformation
4. Example
5. Conclusions
C2P transformations
QVT Rules
Checklist
Refinement rules
- mapping from Secure Business Process elements to
Use Case elements. - For example pool to actor, activity to use case
or Security requirement to use case
12QVT Rules(textual notation)
1. Introduction
2. Security in BP
Outline
3. Transformation
4. Example
5. Conclusions
transformation BusinessProcessDiagram2UseCaseDiagr
am top relation R1 // from Pool to
Actor checkonly domain bpmn_BusinessprocessDiag
ram pPool namen enforce domain
uml_UseCaseDiagram aActornamen where
ap.containedNode?forAll(cnActivityR4(cn)) to
p relation R2 // from Lane to Actor checkonly
domain bpmn_BusinessProcessDiagram lLane
namen enforce domain uml_UseCaseDiagram
aActornamen where ap.containedNode?forAl
l(cnActivityR4(cn)) relation R4 // from
Activities to Use Case checkonly domain
bpmn_BusinessProcessDiagram acActivity namen,
inPartitionap enforce domain
uml_UseCaseDiagram ucUseCase namen,
subjectACTORS Set(Actor) where
ACTORS?including (aActornameap.name) top
relation R6 // from Security Requirement to
Actor checkonly domain bpsec_BPSec
srSecurityRequirement enforce domain
uml_UseCaseDiagram aActor nameSecurity
Staff
top relation R1 // from Pool to Actor
checkonly domain bpmn_BPD pPool namen
enforce domain uml_UCD aActornamen
where ap.containedNode?forAll(cnActivityR4(cn))
relation R4 // from Activities to Use Case
checkonly domain bpmn_BPD acActivity namen,
inPartitionap enforce domain uml_UCD
ucUseCase namen, subjectACTORS Set(Actor)
where ACTORS?including
(aActornameap.name)
Security Staff
13C2P Checklist
1. Introduction
2. Security in BP
Outline
3. Transformation
4. Example
5. Conclusions
C2P transformations
QVT Rules
Checklist
Refinement rules
- used to map each security requirement in subjects
name and use cases
14Checklist for Access Control
1. Introduction
2. Security in BP
Outline
3. Transformation
4. Example
5. Conclusions
- Access Control
- Preconditions Secure Role, and Permissions for
the objects in the secure role scope - Postconditions Secure role validated to access
to resources, Permissions for the validated
objects, and Audit Register (optional) - Assign secure role to the pool, lane or group
- Validate the secure role. This task is divided
into identify, authenticate and authorize the
secure role - Verify permissions for the objects in the secure
role field. This implies a review of the
permissions granted to the objects that are
within the field of access control specification - If the audit register has been specified, then
the information related to the security role, the
security permissions and the objects in the
access control specification field must be stored
15C2P Refinement Rules
1. Introduction
2. Security in BP
Outline
3. Transformation
4. Example
5. Conclusions
C2P transformations
QVT Rules
Checklist
Refinement rules
- the aim is to complete the QVT rules by adding
- subject names
- group names
- main actor identification
- actor generalization and
- redundancies which have to be eliminated
16Refinement Rules
1. Introduction
2. Security in BP
Outline
3. Transformation
4. Example
5. Conclusions
- RR1 Subject name (not related to security
specification) is obtained from the business
process name - RR2 Subject name obtained from C2P-R5 must be
complemented with the name of the BPMN-BPD
element where security requirement has been
specified - RR3 Group Name is obtained by linking the Pool
or Lane names where Group is contained - RR4 Main Actor corresponds to the Pool, Lane or
Group name where Start Event is present - RR5 Actor Generalization is obtained from Pool
and Lane - RR6 Redundant specifications must be eliminated
17Our Illustrative Example
1. Introduction
2. Security in BP
Outline
3. Transformation
4. Example
5. Conclusions
18Our Illustrative Example
1. Introduction
2. Security in BP
Outline
3. Transformation
4. Example
5. Conclusions
19Our Illustrative Example
1. Introduction
2. Security in BP
Outline
3. Transformation
4. Example
5. Conclusions
20Our Illustrative Example
1. Introduction
2. Security in BP
Outline
3. Transformation
4. Example
5. Conclusions
21Our Illustrative Example
1. Introduction
2. Security in BP
Outline
3. Transformation
4. Example
5. Conclusions
22Conclusions
1. Introduction
2. Security in BP
Outline
3. Transformation
4. Example
5. Conclusions
- In our work we have gone beyond the business
analysts perspective (CIM level), in relating
security to more concrete models (PIM level)
which are oriented to software construction - The result has been a set of UML Use Cases which
have been obtained from the SBP specification
described with BPMN-BPD - Such UML artifacts, together with SBP, can be
used in the first stages of a consolidated
software development process such as UP - Future work is focused to enriching
transformations to thus make it possible to
achieve more complete Use Cases models
23Thanks !!
5th International Conference on Business Process
Management 24-28 September 2007
BrisbaneAustralia
- Towards CIM to PIM transformation from Secure
Business Processes defined by BPMN to Use Cases
Alfonso Rodríguez University of
Bio-Bio, Chile alfonso_at_ubiobio.cl
Eduardo Fernández-Medina and Mario
Piattini University of Castilla-La Mancha,
Spain Eduardo.FdezMedina, Mario.Piattini_at_uclm.e
s