TY - JOUR AU - Brucker, Achim D. AU - Zhou, Bo AU - Malmignati, Francesco AU - Shi, Qi AU - Merabti, Madjid PY - 2017 DA - 2017/12/ TI - Modelling, Validating, and Ranking of Secure Service Compositions JO - Software: Practice and Expierence (SPE) SP - 1912 EP - 1943 VL - 47 IS - 12 PB - John Wiley & Sons KW - Service design, human-centred service compositions, service modelling, service deployment, service ranking, secure service composition, service availability, SecureBPMN AB - In the world of large-scale applications, software-as-a-service (SaaS) in general and use of micro-services, in particular, is bringing service-oriented architectures (SOA) to a new level: systems in general and systems that interact with human users (e.g., socio-technical systems) in particular are built by composing micro-services that are developed independently and operated by different parties. At the same time, SaaS applications are used more and more widely by enterprises as well as public services for providing critical services, including those processing security or privacy of relevant data. Therefore providing secure and reliable service compositions is increasingly needed to ensure the success of SaaS solutions. Building such service compositions securely, is still an unsolved problem. In this paper, we present a framework for modelling, validating, and ranking secure service compositions that integrate both automated services as well as services that interact with humans. As a unique feature, our approach for ranking services integrates validated properties (e. g., based on the result of formally analysing the source code of a service implementation) as well as contractual properties that are part of the service- level-agreement and, thus, not necessarily ensured on a technical level. L1 - https://www.brucker.ch/bibliography/download/2017/brucker.ea-secure-services-2017.pdf UR - https://www.brucker.ch/bibliography/abstract/brucker.ea-secure-services-2017 UR - https://doi.org/10.1002/spe.2513 DO - 10.1002/spe.2513 LA - USenglish ID - brucker.ea:secure-services:2017 ER -