Model Driven Security for Agile SOA-Style Environments

  • Ulrich Lang
  • Rudolf Schreiner


There is evidence that many IT security vulnerabilities are caused by incorrect security policies and configurations (i.e. human errors) rather than by inherent weaknesses in the attacked IT systems. Security administrators need to have an in-depth understanding of the security features and vulnerabilities of a multitude of ever-changing and different IT “silos”. Moreover, in complex, large, networked IT environments such policies quickly become confusing and error-prone because administrators cannot specify and maintain the correct policy anymore. Agile service oriented architecture (SOA) style environments further complicate this scenario for a number of reasons, including: security policies may need to be reconfigured whenever the IT infrastructure gets re-orchestrated; security at the business process management layer is at a different semantic level than in the infrastructure; semantic mappings between the layers and well-adopted standardised notations are not available. This paper explores how the concepts of security policy management at a high, more intuitive (graphical) level of abstraction and model-driven security (tied in with model driven software engineering) can be used for more effective and simplified security management/enforcement for the agile IT environments that organisations are faced with today. In this paper, we illustrate in SecureMDA™ how model driven security can be applied to automatically generate security policies from abstract models. Using this approach, human errors are minimised and policy updates can be automatically generated whenever the underlying infrastructure gets re-orchestrated, updated etc. The generated security policies are consistent across the entire distributed environment using the OpenPMF policy management framework. This approach is better than having administrators go from IT system to IT system and change policies for many reasons (including security, cost, effort, error-proneness, and consistency). 
The paper also outlines why meta-modelling and a flexible enforcement plug-in model are useful concepts for security model flexibility.


Keywords: Security Policy, Service Oriented Architecture, Tool Chain, Role Base Access Control, Model Drive Architecture
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.





Copyright information

© Friedr. Vieweg & Sohn Verlag | GWV Fachverlage GmbH, Wiesbaden 2007

Authors and Affiliations

  • Ulrich Lang (1)
  • Rudolf Schreiner (1)
  1. ObjectSecurity Ltd., St. John’s Innovation Centre, Cambridge, UK
