Abstract
Software systems based upon Service-Oriented Architecture (SOA) are often large, heterogeneous and difficult to understand. Evolving such systems presents some unique challenges. For example, it is critical to understand the impacts on trust relationships and security as SOA systems evolve. A substantial body of work exists on the idea of knowledge elicitation and management through the creation of knowledge models, which are created to represent the conceptual knowledge of experts. Knowledge modeling based upon concept maps is an efficient process and knowledge representation scheme that holds potential to assist planning in evolving SOA systems. This chapter contains two examples of knowledge modeling in support of SOA system evolution. The first example is an academic study that illustrates the use of knowledge modeling to create a software security assurance case. The second example, which is the main focus of this chapter, pertains to the ongoing evolution of a large, real-world Sustainment Management System software suite named PAVERâ„¢. This software is being modified to allow third-party add-in functionality to interact with the base system and to create a SOA federation with other enterprise systems. This article contains a description of a knowledge elicitation and modeling effort to identify trust concerns as this increasingly large and complex federation evolves.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
Novak, J.D., Gowin, D.B.: Learning how to learn. Cambridge University Press, New York (1984)
Coffey, J.W., Cañas, A.J., Reichherzer, T., Hill, G., Suri, N., Carff, R., Mitrovich, T., Eberle, D.: Knowledge modeling and the creation of El-Tech: a performance support and training system for electronic technicians. Expert Syst. Appl. 25(4), 483–492 (2003)
Coffey, J.W., Snider, D., Reichherzer, T., Wilde, N.: Concept mapping for the efficient generation and communication of security assurance cases. In: Proceedings of IMCIC’14, Orlando, FL. 4–7 Mar 2014, pp. 173–177. ISBN-978-1-936338-97-9
Coffey, J.W., Baskin, A., Reichherzer, T., Wilde, N.: Recovering SOA system architecture from low-level artifacts with a semi-automated approach involving CARET and knowledge elicitation. Int. J. Softw. Eng. Knowl. Eng. 26(1) (2016, Jan) (to appear)
Briggs, G., Shamma, D., Cañas, A.J., Scargle, J., Novak, J.D.: Concept maps applied to Mars exploration public outreach. In: Cañas, A.J., Novak, J.D., González, F. (eds.) Concept Maps: Theory, Methodology, Technology. Proceedings of the First International Conference on Concept Mapping, pp. 125–133. Pamplona, Spain (2004)
Coffey, J.W., Eskridge, T.: Case studies of knowledge modeling for knowledge preservation and sharing in the U.S. nuclear power industry. J. Inf. Knowl. Manage. 7(3), 173–185 (2008)
Coffey, J.W., Hoffman, R.R., Cañas, A.J.: Concept map-based knowledge modeling: perspectives from information and knowledge visualization. Inf. Vis. 5, 192–201 (2006)
Moon, B., Hoffman, R.R., Novak, J., Canas, A. (eds.): Applied Concept Mapping: Capturing, Analyzing, and Organizing Knowledge. CRC Press (2011). ISBN 9781439828601
Rasmusson, L., Jansson, S.: Simulated social control for secure internet commerce. In: Proceedings of the 1996 Workshop on New Security Paradigms (NSPW ‘96), pp. 18–25. Lake Arrowhead, CA (1996)
Thomas, I., Menzel, M., Meinel, C.: Using quantified trust levels to describe authentication requirements in federated identity management. In: Proceedings of SWS’08, October 31, 2008, Fairfax, Virginia, USA, pp. 71–79. ACM 978-1-60558-292 (2008)
Marsh, S.P.: Formalising trust as a computational concept. Stirling, Scotland: Ph.D. dissertation, Dept. Computing Science and Mathematics, University of Stirling (1994)
Skopik, F., Schall, D., Dustdar, S.: Modeling and mining of dynamic trust in complex service-oriented systems. Inf. Syst. 35, 735–757 (2004)
Cayirci, E.: A joint trust and risk model for MSaaS mashups. In: Proceedings of the 2013 Winter Simulation Conference, 8–11 Dec 2013, Washington, D.C, pp. 1347–1358
Kovac, D., Trcek, D.: Qualitative trust modeling in SOA. J. Syst. Architect. 55, 255–263 (2009)
Nair, S.K., Djordjevic, I., Crispo, B., Dimitrakos, T.: Secure web service federation management using TPM virtualisation. In: Proceedings of the 2007 Secure Web Services Workshop (SWS’07), pp. 112–121. Fairfax, VA (2007)
Nair, S.K., Djordjevic, I., Crispo, B., Dimitrakos, T.: Secure web service federation management using TPM virtualisation. In: Proceedings of the 2007 Secure Web Services Workshop (SWS’07), 2 Nov 2007, pp. 73–82, Fairfax, Virginia, USA
Ausubel, D.P.: Educational Psychology: A Cognitive View. Rinehart and Winston, New York (1968)
Ausubel, D.P.: The Acquisition Retention of Knowledge: A Cognitive View. Kluwer, Dordrecht (2000)
Ford, K.M., Cañas, A.J., Coffey, J.W.: Participatory explanation. In: Proceedings of the Sixth Florida Artificial Intelligence Research Symposium (FLAIRS ‘93), Ft. Lauderdale, FL, Apr 1993. pp. 111–115
McNeese, M., Zaff, B., Brown, C., Citera, M., Selvaraj, J.: Understanding the context of multidisciplinary design: establishing ecological validity in the study of design problem solving. In: Proceedings of the 37th Annual Meeting of the Human Factors Society, 1993. Santa Monica, CA
McNeese, M., Zaff, B.S., Citera, M., Brown, C.E., Whitaker, R.: AKADAM: eliciting user knowledge to support participatory ergonomics. Int. J. Ind. Ergon. 15, 345–363 (1995)
Novak, J.D.: Learning, Creating, and Using Knowledge: Concept Maps As Facilitative Tools in Schools and Corporations. Lawrence Erlbaum and Associates (1998). ISBN-13: 978-0805826265
Coffey, J.W.: Facilitating idea generation and decision-making with concept maps. J. Inf. Knowl. Manage. 3(2), 1–14 (2004)
Coffey, J.W., Hoffman, R.R.: Knowledge modeling for the preservation of institutional memory. J. Knowl. Manage. 7(3), 38–49 (2003)
Coffey, J.W., Reichherzer, T., Wilde, N., Owsnicki-Klewe, B.: Automated concept-map generation from service-oriented architecture artifacts. In: Proceedings of the 5th International Conference on Concept Mapping. Valetta, Malta, Sept 2012
Snider, D., Coffey, J.W., Reichherzer, T., Wilde, N., Terry, C., Vandeville, J., Heinen, A., Pramanik, S.: Using concept maps to introduce software security assurance cases. CrossTalk J. Defense Softw. Eng. 27(5), 4–9 (2014)
Cañas, A.J., Hill, G., Carff, R., Suri, N., Lott, J., Eskridge, T., Gómez, G., Arroyo, M., Carvajal, R.: CmapTools: a knowledge modeling and sharing environment. In: Cañas, A.J., Novak, J.D., González, F. (eds) Concept Maps: Theory, Methodology, Technology. Proceedings of the First International Conference on Concept Mapping, Pamplona, Spain (2004)
Agudo, I., Vivas, J.L., López, J.: Security assurance during the software development cycle. In: Proceedings of CompSysTech ‘09, the International Conference on Computer Systems and Technologies and Workshop for PhD Students in Computing. ACM, June, 2009, pp. II.7-1–II.7-6
Bilge, L., Dumitras, T.: Before we knew it an empirical study of zero-day attacks in the real world. In: Proceedings of CCS’12, October 16–18, 2012, Raleigh, North Carolina, USA. 2012, pp. 833–844. ACM 978-1-4503-165
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2016 Springer International Publishing Switzerland
About this chapter
Cite this chapter
Coffey, J.W., Baskin, A., Snider, D. (2016). Knowledge Elicitation and Conceptual Modeling to Foster Security and Trust in SOA System Evolution. In: El-Sheikh, E., Zimmermann, A., Jain, L. (eds) Emerging Trends in the Evolution of Service-Oriented and Enterprise Architectures. Intelligent Systems Reference Library, vol 111. Springer, Cham. https://doi.org/10.1007/978-3-319-40564-3_4
Download citation
DOI: https://doi.org/10.1007/978-3-319-40564-3_4
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-40562-9
Online ISBN: 978-3-319-40564-3
eBook Packages: EngineeringEngineering (R0)