While their basic principles and ideas are well understood and
cogent from a conceptual perspective, the realization of
interorganizational workflows and applications based on service-
oriented architectures (SOAs) remains a complex task, and,
especially when it comes to security, the implementation is still
bound to low-level technical knowledge and hence inherently error-
prone.
Hafner and Breu set a different focus. Based on the paradigm of
model-driven security, they show how to systematically design and
realize security-critical applications for SOAs. In their
presentation, they first detail how systems and security
engineering go hand in hand and are integrated from the very start
in the requirements elicitation and the design phase. In a second
step, they apply the principles of model-driven security to SOAs.
Model-driven security is an engineering paradigm that aims at the
automatic generation of security-critical executable software for
target architectures. Based on the general principles of model-
driven software development, the automation of security engineering
through proven and reliable mechanisms guarantees correctness and
facilitates an agile and flexible approach to the implementation
and high-level management of security-critical systems.
Their book addresses IT professionals interested in the design and
realization of modern security-critical applications. It presents a
synthesis of various best practices, standards and technologies
from model-driven software development, security engineering, and
SOAs. As a reader, you will learn how to design and realize SOA
security using the framework of an extensible domain architecture
for model-driven security.
http://www.amazon.com/exec/obidos/tg/detail/-/3540795383/
Download File Size:14.76 MB