2015-05-30 14:14:08 +00:00
|
|
|
# SecureBPMN
|
2018-05-13 08:46:46 +00:00
|
|
|
|
2015-05-30 14:14:08 +00:00
|
|
|
[SecureBPMN](https://www.brucker.ch/projects/securebpmn/index.en.html)
|
|
|
|
is a domain-specific modeling language that allows to model security
|
2018-08-06 09:02:27 +00:00
|
|
|
aspects (e.g., access control, separation of duty, confidentiality).
|
|
|
|
SecurePBPMN is defined as a meta-model that can easily be integrated
|
|
|
|
into BPMN and, thus, can be used for modeling secure and business
|
|
|
|
processes as well as secure service compositions.
|
2015-05-30 14:14:08 +00:00
|
|
|
|
|
|
|
![ScreenShot of the SecureBPMN Modeling and Verification Environment] (https://www.brucker.ch/projects/securebpmn/img/activiti-bpmn-analysis.png)
|
|
|
|
The SecureBPMN tool chain does not only support modeling of secure business
|
|
|
|
process and service compositions: it also supports the formal analysis both
|
|
|
|
on the level of SecureBPMN models as well as refinement properties between
|
|
|
|
the model and the actual implementation.
|
|
|
|
|
|
|
|
## Installation
|
2018-05-13 08:46:46 +00:00
|
|
|
|
2015-05-30 14:14:08 +00:00
|
|
|
### SecureBPMN Designer
|
2018-05-13 08:46:46 +00:00
|
|
|
|
2015-05-30 14:14:08 +00:00
|
|
|
#### Prerequisites
|
2018-05-13 08:46:46 +00:00
|
|
|
|
2015-05-30 14:14:08 +00:00
|
|
|
* Eclipse Helios
|
|
|
|
* SATMC (http://www.ai-lab.it/satmc/), version 3.3.x
|
2016-10-22 20:56:28 +00:00
|
|
|
(for the formal analysis of secure business processes)
|
2015-05-30 14:14:08 +00:00
|
|
|
|
|
|
|
#### Preparing the Eclipse environment
|
2018-05-13 08:46:46 +00:00
|
|
|
|
|
|
|
First, install the GenericBreakGlass-XACML into your local
|
|
|
|
maven repository:
|
2015-06-08 06:48:06 +00:00
|
|
|
```
|
|
|
|
cd GenericBreakGlass-XACML/src/eu.aniketos.securebpmn.xacml.parent
|
|
|
|
mvn clean eclipse:clean
|
|
|
|
mvn eclipse:eclipse
|
2015-05-30 14:14:08 +00:00
|
|
|
mvn install
|
2015-06-08 06:48:06 +00:00
|
|
|
cd ..
|
|
|
|
```
|
2018-05-13 08:46:46 +00:00
|
|
|
|
|
|
|
To initialize the Eclipse project structure, please do
|
2016-10-22 20:56:28 +00:00
|
|
|
```
|
2015-06-08 06:48:06 +00:00
|
|
|
cd designer/src//org.activiti.designer.parent
|
2015-05-30 14:14:08 +00:00
|
|
|
mvn clean eclipse:clean
|
|
|
|
mvn eclipse:eclipse
|
2015-06-08 06:48:06 +00:00
|
|
|
cd ..
|
2015-05-30 14:14:08 +00:00
|
|
|
```
|
2018-05-13 08:46:46 +00:00
|
|
|
|
|
|
|
After this, all projects can be imported into a fresh Eclipse
|
|
|
|
workspace using `File -> Import -> Existing Projects into Workspace`.
|
2015-05-30 14:14:08 +00:00
|
|
|
|
|
|
|
#### Generate Model Classes
|
2018-05-13 08:46:46 +00:00
|
|
|
|
2015-05-30 14:14:08 +00:00
|
|
|
1. Open the folder `model` in the project `org.activiti.designer.model`
|
|
|
|
2. Open `BPMN20.genmodel`
|
|
|
|
3. Select the top level node (`bpmn2`)
|
|
|
|
4. Select `Generator -> Reload...` from the top-level menu, select
|
|
|
|
`Ecore model` and complete the wizard. While doing this, ensure
|
|
|
|
that all packages are select in the `Package Selection` screen.
|
|
|
|
5. Select the top level node (`bpmn2`)
|
|
|
|
6. Select `Generator -> Generate all` from the top-level menu
|
|
|
|
|
|
|
|
#### Start Eclipse Application
|
2018-05-13 08:46:46 +00:00
|
|
|
|
2015-05-30 14:14:08 +00:00
|
|
|
Select the project `org.activiti.designer.eclipse` and select `Run as
|
|
|
|
-> Eclipse application` in the context menu (right click).
|
|
|
|
|
2015-05-30 20:05:08 +00:00
|
|
|
### SecureBPMN Runtime
|
2018-05-13 08:46:46 +00:00
|
|
|
|
2015-05-30 20:05:08 +00:00
|
|
|
#### Prerequisites
|
2018-05-13 08:46:46 +00:00
|
|
|
|
2015-05-30 20:05:08 +00:00
|
|
|
Java 6 must be installed and executable:
|
|
|
|
```
|
|
|
|
export JAVA_HOME=<install directory of java 6>
|
|
|
|
export PATH=$JAVA_HOME/bin:$PATH
|
|
|
|
```
|
|
|
|
Moreover, the xalan libraries must be installed:
|
|
|
|
```
|
|
|
|
cd runtime/src/userguide
|
|
|
|
ant install.xalan.libs
|
|
|
|
```
|
2018-05-13 08:46:46 +00:00
|
|
|
|
2015-05-30 20:05:08 +00:00
|
|
|
### Building the SecureBPMN Runtime
|
2018-05-13 08:46:46 +00:00
|
|
|
|
|
|
|
If you did not install GenericBreakGlass-XACML into your local
|
|
|
|
maven repository as part of the installation of the SecureBPMN
|
|
|
|
Designer:
|
2015-06-08 06:48:06 +00:00
|
|
|
```
|
|
|
|
cd GenericBreakGlass-XACML/src/eu.aniketos.securebpmn.xacml.parent
|
|
|
|
mvn clean eclipse:clean
|
|
|
|
mvn eclipse:eclipse
|
|
|
|
mvn install
|
|
|
|
cd ..
|
|
|
|
```
|
2018-05-13 08:46:46 +00:00
|
|
|
|
|
|
|
Compile the SecureBPMN runtime:
|
2015-05-30 20:05:08 +00:00
|
|
|
```
|
|
|
|
cd runtime/src/distro
|
|
|
|
ant clean distro
|
|
|
|
```
|
2018-05-13 08:46:46 +00:00
|
|
|
|
2015-05-30 20:05:08 +00:00
|
|
|
If ``ant `clean distro``` is not able to download tomcat, please
|
|
|
|
download `apache-tomcat-6.0.32.zip` and copy it into
|
|
|
|
`runtime/src/distro/target`.
|
|
|
|
|
|
|
|
### Executing the SecureBPMN Runtime
|
2018-05-13 08:46:46 +00:00
|
|
|
|
2015-05-30 20:05:08 +00:00
|
|
|
```
|
|
|
|
cd runtime/src/distro/target/activiti-5.8/setup/
|
|
|
|
ant demo.start
|
|
|
|
```
|
2018-05-13 08:46:46 +00:00
|
|
|
|
2015-05-30 20:05:08 +00:00
|
|
|
And open `http://localhost:8080/activiti-explorer` in a web browser.
|
|
|
|
Note that `and demo.stop` will stop the demo and `ant demo.clean` will
|
|
|
|
reset the demo setup.
|
|
|
|
|
2015-05-30 14:14:08 +00:00
|
|
|
## Team
|
2018-05-13 08:46:46 +00:00
|
|
|
|
2015-05-30 14:14:08 +00:00
|
|
|
Main developer: [Achim D. Brucker](http://www.brucker.ch/)
|
|
|
|
|
|
|
|
### Contributors
|
2018-05-13 08:46:46 +00:00
|
|
|
|
2015-05-30 14:14:08 +00:00
|
|
|
* Jan Alexander
|
|
|
|
* Matthias Klink
|
|
|
|
* Helmut Petritsch
|
|
|
|
* Raj Ruparel
|
|
|
|
|
2018-08-06 08:50:19 +00:00
|
|
|
## License
|
|
|
|
|
|
|
|
This project is under the Apache 2.0 License.
|
|
|
|
|
|
|
|
SPDX-License-Identifier: Apache-2.0
|
|
|
|
|
2018-08-06 08:52:30 +00:00
|
|
|
## Master Repository
|
|
|
|
|
|
|
|
The master git repository for this project is hosted by the [Software
|
|
|
|
Assurance & Security Research Team](https://logicalhacking.com) at
|
|
|
|
<https://git.logicalhacking.com/SecureBPMN/SecureBPMN>.
|
|
|
|
|
2015-05-30 14:14:57 +00:00
|
|
|
## Publications
|
2018-05-13 08:46:46 +00:00
|
|
|
|
2015-05-30 14:14:08 +00:00
|
|
|
Related publications are listed on the [SecureBPMN
|
2015-05-30 20:05:08 +00:00
|
|
|
website](https://www.brucker.ch/projects/securebpmn/index.en.html).
|
|
|
|
The core publications are:
|
2018-05-13 08:46:46 +00:00
|
|
|
|
2015-05-30 20:05:08 +00:00
|
|
|
* Achim D. Brucker. [Integrating Security Aspects into Business Process
|
|
|
|
Models](http://www.brucker.ch/bibliography/download/2013/brucker-securebpmn-2013.pdf).
|
|
|
|
In it - Information Technology, 55 (6), pages 239-246, 2013.
|
|
|
|
doi:[10.1524/itit.2013.2004](http://dx.doi.org/10.1524/itit.2013.2004)
|
|
|
|
http://www.brucker.ch/bibliography/abstract/brucker-securebpmn-2013
|
|
|
|
* Achim D. Brucker, Luca Compagna, and Pierre Guilleminot. [Compliance
|
|
|
|
Validation of Secure Service Compositions](http://www.brucker.ch/bibliography/download/2014/brucker.ea-aniketos-compliance-2014.pdf).
|
|
|
|
In Secure and Trustworthy Service Composition: The Aniketos Approach.
|
|
|
|
Lecture Notes in Computer Science: State of the Art Surveys (8900),
|
|
|
|
pages 136-149, Springer-Verlag, 2014.
|
|
|
|
doi:[10.1145/2295136.2295160](http://dx.doi.org/10.1145/2295136.2295160)
|
|
|
|
http://www.brucker.ch/bibliography/abstract/brucker.ea-aniketos-compliance-2014
|
|
|
|
* Achim D. Brucker, Isabelle Hang, Gero Lückemeyer, and Raj
|
|
|
|
Ruparel. [SecureBPMN: Modeling and Enforcing Access Control
|
|
|
|
Requirements in Business Processes](http://www.brucker.ch/bibliography/download/2012/brucker.ea-securebpmn-2012.pdf).
|
|
|
|
In ACM symposium on access control models and technologies (SACMAT),
|
|
|
|
pages 123-126, ACM Press, 2012.
|
|
|
|
doi:[10.1145/2295136.2295160](http://dx.doi.org/10.1145/2295136.2295160)
|
|
|
|
http://www.brucker.ch/bibliography/abstract/brucker.ea-securebpmn-2012
|