Wada et al.
An UML profile that provides key model elements to specify service-oriented applications.
Specurity Aspects
Name
Description
Models express non-functional aspects in service-oriented architectures
Specification Elements
Name
Description
A service offered by a system.
The AccessControlledService is a special type of service that enforces an access control policy.
A connection that transmits messages between services.
Represents a pair of a request and reply messages.
Data that is exchanged in a MessageExchange, either in the form of a request or reply message.
EncryptedProperty is used to specify that encryption is applied to some data of a message.
A Filter specifies the semantics of message transmission and message processing and can be a source or sink of request/reply messages.
The Logger is a filter that records the transmission of each message whose priority value is higher than a given priority.
The Validator is a filter that checks messages against a schema and only sends the ones that are valid. If a connector is encrypted, the Validator in the connector cannot validate messages.
The MessageSplitter is a filter that divides messages into parts based on a set of rules.
The Multicast filter sends a request message to multiple destinations and then sends the replies back to the source. It is primarily used to improve efficiency.
The Manycast filter is used to make services more reliable by sending requests to multiple destinations. A Manycast filter sends a request to all services in a group. Manycast sends only one reply to the source of the request.
The Anycast filter is a variation of the hot standby policy in Manycast. It forwards a request message to only one destination in a group of replicated services. This filter is used to balance workload placed on services.
Security Aspects
Non-Functional Properties in SOA
Models express non-functional aspects in service-oriented architectures- Specification Elements:
- AccessControlledService
- Anycast
- Connector
- EncryptedProperty
- Filter
- Logger
- Manycast
- Message
- MessageExchange
- MessageSplitter
- Multicast
- Service
- Validator
- Threats:
- Information Disclosure
- Tampering with Data
- Spoofing
Specification Elements
Service
A service offered by a system.AccessControlledService
The AccessControlledService is a special type of service that enforces an access control policy.Connector
A connection that transmits messages between services.- Applies to:
- Connection
MessageExchange
Represents a pair of a request and reply messages.- Applies to:
- InformationFlow
Message
Data that is exchanged in a MessageExchange, either in the form of a request or reply message.- Applies to:
- Data
EncryptedProperty
EncryptedProperty is used to specify that encryption is applied to some data of a message.- Applies to:
- Data
Filter
A Filter specifies the semantics of message transmission and message processing and can be a source or sink of request/reply messages.Logger
The Logger is a filter that records the transmission of each message whose priority value is higher than a given priority.Validator
The Validator is a filter that checks messages against a schema and only sends the ones that are valid. If a connector is encrypted, the Validator in the connector cannot validate messages.MessageSplitter
The MessageSplitter is a filter that divides messages into parts based on a set of rules.Multicast
The Multicast filter sends a request message to multiple destinations and then sends the replies back to the source. It is primarily used to improve efficiency.Manycast
The Manycast filter is used to make services more reliable by sending requests to multiple destinations. A Manycast filter sends a request to all services in a group. Manycast sends only one reply to the source of the request.Anycast
The Anycast filter is a variation of the hot standby policy in Manycast. It forwards a request message to only one destination in a group of replicated services. This filter is used to balance workload placed on services.