
Choreographing Security and Performance Analysis for Web Services

  • Conference paper
Formal Techniques for Computer Systems and Business Processes (EPEW 2005, WS-FM 2005)

Part of the book series: Lecture Notes in Computer Science (LNTCS, volume 3670)

Abstract

We describe a UML-based method which supports model-driven development of service-oriented architectures including those used in Web services. Analysable content is extracted from the UML models in the form of process calculus descriptions. These are analysed to provide strong guarantees of satisfactory security and performance. The results are reflected back in the form of a modified version of the UML model which highlights points of the design which can give rise to operational difficulties. A design platform supporting the methodology, Choreographer, interoperates with state-of-the-art UML modelling tools such as Poseidon. We illustrate the approach on an example.




Copyright information

© 2005 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Gilmore, S., Haenel, V., Kloul, L., Maidl, M. (2005). Choreographing Security and Performance Analysis for Web Services. In: Bravetti, M., Kloul, L., Zavattaro, G. (eds) Formal Techniques for Computer Systems and Business Processes. EPEW 2005, WS-FM 2005. Lecture Notes in Computer Science, vol 3670. Springer, Berlin, Heidelberg. https://doi.org/10.1007/11549970_15


  • DOI: https://doi.org/10.1007/11549970_15

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-540-28701-8

  • Online ISBN: 978-3-540-31903-0

  • eBook Packages: Computer Science, Computer Science (R0)
