Aspect-Based Realization of Non-functional Concerns in Business Processes

  • Anis CharfiEmail author
  • Haolin Zhi
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 9466)


While functional concerns are well supported in current business process modeling languages such as the Business Process Modeling Notation (BPMN), many important non-functional concerns such as security and quality of service (QoS) cannot be expressed. Some works proposed specific extensions to business process modeling languages to express certain non-functional concerns. However, most related works focus only on expressing non-functional properties in business process models without considering their realization on the implementation level. In this paper, we present a generic approach to non-functional concerns in business processes and bridge the gap between process modeling and process implementation by generating AO4BPEL aspects that enforce and realize the non-functional properties specified in the business process model. The functional part of the processes is realized by generating executable WS-BPEL code out of BPMN process models. The approach is not specific to a particular non-functional concern and the usage of aspects ensures a modular implementation of the business process.


Business process modeling Non-functional concerns Aspects BPMN AO4BPEL WS-BPEL 



This work was performed in the context of the Software-Cluster projects EMERGENT and SINNODIUM ( It was partially funded by the German Federal Ministry of Education and Research (BMBF) under grant no. “01IC10S01” and “01IC12S01”. The authors assume responsibility for the content.


  1. 1.
    Brucker, A.D., Hang, I., Lückemeyer, G., Ruparel, R.: SecureBPMN: modeling and enforcing access control requirements in business processes. In: Proceedings of the 17th ACM Symposium on Access Control Models and Technologies (SACMAT), pp. 123–126. ACM, June 2012Google Scholar
  2. 2.
    Charfi, A.: Aspect-Oriented Workflow Management. VDM Verlag, Saarbrücken (2008)Google Scholar
  3. 3.
    Charfi, A., Schmeling, B., Heizenreder, A., Mezini M.: Reliable, secure, and transacted web service compositions with AO4BPEL. In: 4th European Conference on Web Services (ECOWS), pp. 23–34, December 2006Google Scholar
  4. 4.
    Fischer, K.P., Bleimann, U., Fuhrmann, W., Furnell, S.M.: Security policy enforcement in BPEL-defined collaborative business processes. In: Proceedings of the 23rd International Conference on Data Engineering (ICDE), pp. 685–694. IEEE, April 2007Google Scholar
  5. 5.
    Gagne, D., Trudel, A.: Time-BPMN. In: Proceedings of the 11th IEEE International Conference on Commerce and Enterprise Computing (CEC), pp. 361–367. IEEE, July 2009Google Scholar
  6. 6.
    Look, A.: Expressive scoping and pointcut mechanisms for aspect-oriented web service composition. Vorgelegt Diplomarbeit von Alexander Look, Technische Universitaet Darmstadt, September 2011Google Scholar
  7. 7.
    Menzel, M., Thomas, I., Meinel, C.: Security requirements specification in service-oriented business process management. In: International Conference on Availability, Reliability and Security (ARES), pp. 41–48. IEEE, March 2009Google Scholar
  8. 8.
    OASIS: Web Services Business Process Execution Language Version 2.0, April 2007.
  9. 9.
    OMG: Business Process Model and Notation (BPMN) OASIS Standard 2.0, January 2011.
  10. 10.
    Ouvans, C., Dumas, M., Ter Hofstede, A.H.M., Van Der Aalst, W.M.P.: From BPMN Process models to BPEL web services. In: Proceedings of the International Conference on Web Services (ICWS), pp. 285–292. IEEE (2006)Google Scholar
  11. 11.
    Paja, E., Giorgini, P., Paul, S., Meland, P.H.: Security requirements engineering for secure business processes. In: Niedrite, L., Strazdina, R., Wangler, B. (eds.) BIR Workshops 2011. LNBIP, vol. 106, pp. 77–89. Springer, Heidelberg (2012) CrossRefGoogle Scholar
  12. 12.
    Rodríguez, A., Fernández-Medina, E., Piattini, M.: A BPMN extension for the modeling of security requirements in business processes. IEICE Trans. Inf. Syst. 90(4), 745–752 (2007)CrossRefGoogle Scholar
  13. 13.
    Rodríguez, A., Fernández-Medina, E., Piattini, M.: A BPMN extension for the modeling of security requirements in business processes. IEICE - Trans. Inf. Syst. E90–D(4), 745–752 (2007)CrossRefGoogle Scholar
  14. 14.
    Saeedi, K., Zhao, L., Sampaio, P.R.F.: Extending BPMN for supporting customer-facing service quality requirements. In: Proceedings of the 8th IEEE International Conference on Web Services (ICWS), pp. 616–623. IEEE, July 2010Google Scholar
  15. 15.
    Souza, A.R.R., Silva, B.L.B., Lins, F.A.A., Damasceno, J.C., Rosa, N.S., Maciel, P.R.M., Medeiros, R.W.A., Stephenson, B., Motahari-Nezhad, H.R., Li, J., Northfleet, C.: Incorporating security requirements into service composition: from modelling to execution. In: Baresi, L., Chi, C.-H., Suzuki, J. (eds.) ICSOC-ServiceWave 2009. LNCS, vol. 5900, pp. 373–388. Springer, Heidelberg (2009) CrossRefGoogle Scholar
  16. 16.
    Turki, S.H., Bellaaj, F., Charfi, A., Bouaziz, R.: Modeling security requirements in service based business processes. In: Bider, I., Halpin, T., Krogstie, J., Nurcan, S., Proper, E., Schmidt, R., Soffer, P., Wrycza, S. (eds.) EMMSAD 2012 and BPMDS 2012. LNBIP, vol. 113, pp. 76–90. Springer, Heidelberg (2012) CrossRefGoogle Scholar
  17. 17.
    Weidlich, M., Decker, G., Großkopf, A., Weske, M.: BPEL to BPMN: the myth of a straight-forward mapping. In: Tari, Z., Meersman, R. (eds.) OTM 2008, Part I. LNCS, vol. 5331, pp. 265–282. Springer, Heidelberg (2008) CrossRefGoogle Scholar
  18. 18.
    Wolter, C., Menzel, M., Schaad, A., Miseldine, P., Meinel, C.: Model-driven business process security requirement specification. J. Syst. Archit. 55(4), 211–223 (2009)CrossRefGoogle Scholar
  19. 19.
    Wolter, C., Schaad, A.: Modeling of task-based authorization constraints in BPMN. In: Alonso, G., Dadam, P., Rosemann, M. (eds.) BPM 2007. LNCS, vol. 4714, pp. 64–79. Springer, Heidelberg (2007) CrossRefGoogle Scholar
  20. 20.
    Yahya, I., Turki, S.H., Charfi, A., Kallel, S., Bouaziz, R.: An aspect-oriented approach to enforce security properties in business processes. In: Ghose, A., Zhu, H., Yu, Q., Delis, A., Sheng, Q.Z., Perrin, O., Wang, J., Wang, Y. (eds.) ICSOC 2012. LNCS, vol. 7759, pp. 344–355. Springer, Heidelberg (2013) CrossRefGoogle Scholar

Copyright information

© Springer International Publishing Switzerland 2015

Authors and Affiliations

  1. 1.SAP SEDarmstadtGermany

Personalised recommendations