This article proposes a flexible way in business process modeling and managing. Today, business process needs to be more flexible and adaptable. The regulations and policies in organizations, as origins of change, are often expressed in terms of business rules. The ECA (Event-condition-action) rule is a popular way to incorporate flexibility into a process design. To raise the flexibility in the business processes, the authors consider governing any business activity through ECA rules based on business rules. For adaptability, the separation of concerns supports adaptation in several ways. To cope with flexibility and adaptability, the authors propose a new multi concern rule based model. For each concern, each business rule is formalized using their CECAPENETE formalism (Concern -Event-Condition-Action-Post condition- check Execution- Number of check -Else-Trigger-else Event). Then, the rules based process is translated into a graph of rules that is analyzed in terms of relations between concerns, reliably and flexibility.
TopIntroduction
Service-oriented architecture (SOA) with its enabling Web Services is currently offering best technological solutions to distributed and loosely-coupled cross-organizational business applications (Papazoglou, 2007). Web-services are explicit computational units, which can through their interfaces be universally described, published and more importantly (dynamically) composed using XML-based standards (e.g., WSDL, UDDI, BPEL4WS, WS-CDL) (Alonso, 2004). As these standards are maturing, more and more world-wide cross-organizations are opting for service oriented solutions. Consequently, all capabilities and limitations of this new paradigm are being at proof towards developing realistic service-driven applications. Adaptability and correctness, besides knowledge-intensiveness belong to the most challenging issues (Papazoglou, 2008). Indeed, whereas WSDL and BPEL are inherently static and manual, but realistic services are deemed to be highly adaptive and evolving.
The BPEL language does not provide any support for the specification of either authorization policies or authorization constraints on the execution of activities composing a business process (Bertino, 2006). It is important that such an authorization model be high-level and expressed in terms of entities that are relevant from the organizational perspective (Bertino, 2006).
The regulations and policies in organizations are often expressed in terms of business rules that are sometimes defined as high-level structured statements that constrain, control, and influence the business logic (Business Rules Group, 2005). Business Rules Group (2005) defines the business rules that are “the set of policies for regulating the whole business within and out-side an organization.” They represent main driving force for adaptability and competitiveness.
The ECA pattern has been widely adopted for business rules (Wan-Kadir, 2003). They are an interest way to incorporate flexibility into a process design. And, they are a popular approach to catch unanticipated events and adapt to exceptions (Ahn, 2000).
Separation of concerns provides a way to separate development of the functionality and the crosscutting concerns (e.g., quality of service, security). This principle has become one of the cornerstone principles in software engineering, and has lead to a wide spread of aspect-oriented programming (AOP) approach (Kazhamiakin, 2010).
The advantages in addressing each concern separately are transparency, evolution, understandability and scalability. More, it is necessary to bring them together to understand which global system properties emerge at any given activity (Aoumeur, 2009).
In order to incorporate flexibility and adaptability into a business process design, and benefit of the advantages of separation of two concerns: security and interaction in business process modeling, we propose, in this paper, a new rule-based model that wants to improve the flexibility, adaptability and verification of business process.
For each concern (security or interaction), we govern any business activity through our CECAPENETE formalism (Concern -Event-Condition-Action-Post condition- check Execution- Number of check -Else-Trigger-else Event) based on business rules. We study the relationships between the rules of the same concern and between the rules of the different concerns. Based on these relationships, we translate the rules based process into a graph of rules. The analysis of this graph allows managing the change on the rules, to identify risks of exceptions at verification step and managing these exceptions at execution step.
The work in reference (Boukhebouze, 2010) provides a useful inspiration for our work, but it doesn't support the multi concerns. It governs the business rules on one view and doesn't discuss risks of security concern like deny of service. It also does not support the intervention of designer to mark some risks of exceptions in modeling step which it is necessary, in some cases, to perform the execution of business process.
The rest of this paper is organized as follows. In the second section, we present our new multi-concern rules based model. The third section explains the management of flexibility in process multi-concern modeling. In the fourth section, we discuss the healing of exceptions in the rules based process. We give a related work and finally, wrap up by some concluding remarks and further required extensions of this work.