Article Preview
TopIntroduction
Service-oriented architecture (SOA) with its enabling Web Services is currently offering best technological solutions to distributed and loosely-coupled cross-organizational business applications (Papazoglou, 2007). Web-services are explicit computational units, which can through their interfaces be universally described, published and more importantly (dynamically) composed using XML-based standards (e.g., WSDL, UDDI, BPEL4WS, WS-CDL) (Alonso, 2004). As these standards are maturing, more and more world-wide cross-organizations are opting for service oriented solutions. Consequently, all capabilities and limitations of this new paradigm are being at proof towards developing realistic service-driven applications. Adaptability and correctness, besides knowledge-intensiveness belong to the most challenging issues (Papazoglou, 2008). Indeed, whereas WSDL and BPEL are inherently static and manual, but realistic services are deemed to be highly adaptive and evolving.
The BPEL language does not provide any support for the specification of either authorization policies or authorization constraints on the execution of activities composing a business process (Bertino, 2006). It is important that such an authorization model be high-level and expressed in terms of entities that are relevant from the organizational perspective (Bertino, 2006).
The regulations and policies in organizations are often expressed in terms of business rules that are sometimes defined as high-level structured statements that constrain, control, and influence the business logic (Business Rules Group, 2005). Business Rules Group (2005) defines the business rules that are: “the set of policies for regulating the whole business within and out-side an organization”. They represent main driving force for adaptability and competitiveness.
The ECA pattern has been widely adopted for business rules (Wan-Kadir, 2003). They are an interest way to incorporate flexibility into a process design. And, they are a popular approach to catch unanticipated events and adapt to exceptions (Ahn, 2000).
Separation of concerns provides a way to separate development of the functionality and the crosscutting concerns (e.g., quality of service, security). This principle has become one of the cornerstone principles in software engineering, and has lead to a wide spread of aspect-oriented programming (AOP) approach (Kazhamiakin, 2010).
The advantages in addressing each concern separately are transparency, evolution, understandability and scalability. More, it is necessary to bring them together to understand which global system properties emerge at any given activity (Aoumeur, 2009).
In order to incorporate flexibility and adaptability into a business process design, and benefit of the advantages of separation of two concerns: security and interaction in business process modeling, we propose, in this paper, a new rule based model that wants to improving the flexibility, adaptability and verification of business process.