A Framework for Model Driven Security

The SECTET framework supports business partners during the development and distributed management of decentralized peer-to-peer scenarios. Primarily developed for the realization of decentralized, security critical collaboration across domain boundaries — so-called inter-organizational workflows, it realizes a domain architecture aiming at the correct technical implementation of domain-level security requirements. It consists of three core components:

  1. Security Modeling. The modeling component supports the collaborative specification of a scenario at the abstract level in a platform independent context. The component implements an intuitive domain specific language, which is rendered in a visual language based on UML2 for various modeling tools. The modeling occurs at a level of abstraction appropriate to bridge the gap between domain experts on one side and engineers on the other side, roles chiefly involved in two different phases of the engineering process — the requirements engineering and the design phase respectively.
  2. Code Generation & Model Transformation. Model information is translated it into platform independent models (PIM) based on security patterns and protocols enforcing security requirements. The PIMs are refined into platform specific models of various granularity until they can be mapped into configuration code for the components of the target architecture.
  3. Web services Based Reference Architecture. The architecure specifies a Web services based target runtime environment for local executable workflows and back-end services at the partner node. The workflow and security components implement a set of workflow and security technologies based on XML- and Web services technology. The architectural blueprint of the Reference Archtiecure is based on the idea of security services transposing the model of Software as a Service to the security domain and thereby realizes Security.
In association with: