Model-driven approaches facilitate the development of applications by introducing domain-specific abstractions. Our model-driven approach called SecureMDD supports the domain of security-critical applications that use web services. Because many applications use external web services (i.e. services developed and provided by someone else), the integration of such web services is an important task of a modeldriven approach. In this paper we present an approach to integrate and exchange external developed web services that use standard or nonstandard cryptographic protocols, in security-critical applications. All necessary information is defined in an abstract way in the application model, which means that no manual changes of the generated code are necessary. We also show how security properties for the whole system including external web services can be defined and proved. For demonstration we use a web shop case study that integrates an external payment service.
CITATION STYLE
Borek, M., Stenzel, K., Katkalov, K., & Reif, W. (2015). Integration and exchangeability of external security-critical web services in a model-driven approach. In Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) (Vol. 9382, pp. 63–73). Springer Verlag. https://doi.org/10.1007/978-3-319-25747-1_7
Mendeley helps you to discover research relevant for your work.