Abstract
Outsourcing parts of a company’s processes becomes more and more important in a globalized, distributed economy. While architectural styles and technologies such as service-oriented architecture and Web services facilitate the distribution of business process over several departments, enterprises and countries, these business processes still need to comply with various regulations. These regulations can be company regulations, national, or international regulations. When outsourcing IT-functions, enterprises must ensure that the overall regulations are met. Therefore they need evidence from their outsourcing partners that supports the proof of compliance to regulations. Furthermore it must be possible to enforce the adherence to compliance rules at partners. In this paper we introduce so-called compliance interfaces that can be used by customers to subscribe to evidence at a provider and to enforce regulations at a provider. We introduce a general compliance architecture that allows compliance to be monitored and enforced at services deployed in any emerging cloud delivery model.
Chapter PDF
References
Agrawal, R., Gunopulos, D., Leymann, F.: Mining Process Models from Workflow Logs. In: Schek, H.-J., Saltor, F., Ramos, I., Alonso, G. (eds.) EDBT 1998. LNCS, vol. 1377, p. 469. Springer, Heidelberg (1998)
Anstett, T., Leymann, F., Mietzner, R., Strauch, S.: Towards BPEL in the Cloud: Exploiting Different Delivery Models for the Execution of Business Processes. In: IWCS 2009 (2009)
Basel Committee on Banking Supervision. International Convergence of Capital Measurement and Capital Standards (2006)
Danylevych, O., Karastoyanova, D., Leymann, F.: Optimal Stratification of Transactions. In: ICWS 2009 (2009)
Flegel, U., Kerschbaum, F., Miseldine, P., Monakova, G., Wacker, R., Leymann, F.: Insider Threats in Cybersecurity - And Beyond. Springer, Heidelberg (to Appear, 2009)
Gordon, J.W., Appelbe, E.: Dale and Appelbe’s pharmacy law and ethics. Pharmaceutical Press (2005)
Karastoyanova, D., Khalaf, R., Schroth, R., Paluszek, M., Leymann, F.: BPEL Event Model. Technical Report Computer Science 2006/10
Karastoyanova, D., Leymann, F.: BPEL’n’Aspects: Adapting Service Orchestration Logic. In: ICWS 2009 (2009)
Karastoyanova, D., Leymann, F., Nitzsche, J., Wetzstein, B., Wutke, D.: Parameterized BPEL Processes: Concepts and Implementation. In: IWCS 2009 (2009)
Khalaf, R., Karastoyanova, D., Leymann, F.: Pluggable Framework for Enabling the Execution of Extended BPEL Behavior. In: WESOA 2007 (2007)
Khalaf, R., Leymann, F.: A Role-based Decomposition of Business Processes using BPEL. In: ICWS 2006 (2006)
Khalaf, R., Leymann, F.: Coordination Protocols for Split BPEL Loops and Scopes. Technical Report Computer Science 2007/01
Lotz, V., Pigout, E., Fischer, P.M., Kossmann, D., Massacci, F., Pretschner, A.: Towards Systematic Achievement of Compliance in Service-Oriented Architectures: The MASTER Approach. Wirtschaftsinformatik (2008)
Luckham, D.: The Power of Events: An Introduction to Complex Event Processing in Distributed Enterprise Systems. Addison-Wesley Longman, Amsterdam (2002)
Mietzner, R., Leymann, F.: Generation of BPEL Customization Processes for SaaS Applications from Variability Descriptors. In: IEEE SCC (2008)
OASIS. Web Services Business Process Execution Language Version 2.0 – OASIS Standard (2007)
OASIS. Web Services Business Activity (WS-BusinessActivity) Version 1.2 – OASIS Standard (2009)
Reichert, M., Dadam, P.: ADEPT flex - Supporting Dynamic Changes of Workflows Without Loosing Control. Journal of Intelligent Information Systems (1998)
Reichert, M.U., Rinderle, S.B.: On Design Principles for Realizing Adaptive Service Flows with BPEL. In: EMISA 2006 (2006)
Sarbanes, P., Oxley, M.: Sarbanes-Oxley Act of 2002. The Public Company Accounting Reform and Investor Protection Act. Washington DC: US Congress (2002)
The European Parliament and the Council of the European Union. Directive 2001/83/EC of the European Parliament and the Council. Official Journal of the European Communities 311 (2001)
van der Aalst, W.M.P., van Dongen, B.F., Herbst, J., Maruster, L., Schimm, G., Weijters, A.J.M.M.: Workflow mining: A survey of issues and approaches. Data Knowl. Eng. (2003)
van der Aalst, W.M.P., Weijters, A.J.M.M., Maruster, L.: Workflow Mining: Discovering Process Models from Event Logs. IEEE Transactions on Knowledge and Data Engineering (2004)
van Lessen, T., Leymann, F., Mietzner, R., Nitzsche, J., Schleicher, D.: A Management Framework for WS-BPEL. In: ECOWS 2008 (2008)
Weerawarana, S., Curbera, F., Leymann, F., Storey, T., Ferguson, D.F.: Web Services Platform Architecture: SOAP, WSDL, WS-Policy, WS-Addressing, WS-BPEL, WS-Reliable Messaging, and More. Prentice Hall PTR, Englewood Cliffs (2005)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2009 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Anstett, T. et al. (2009). MC-Cube: Mastering Customizable Compliance in the Cloud. In: Baresi, L., Chi, CH., Suzuki, J. (eds) Service-Oriented Computing. ServiceWave ICSOC 2009 2009. Lecture Notes in Computer Science, vol 5900. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-10383-4_43
Download citation
DOI: https://doi.org/10.1007/978-3-642-10383-4_43
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-10382-7
Online ISBN: 978-3-642-10383-4
eBook Packages: Computer ScienceComputer Science (R0)