Domain-specific language for event-based compliance monitoring in process-driven SOAs

Domain-specific language for event-based compliance monitoring in process-driven SOAs

Abstract

Organizations today are required to adhere to a number of compliance concerns from laws, regulations and policies. Compliance is achieved through defining and implementing so-called controls in the organizations’ business processes. Organizations that build their systems based on the process-driven SOA paradigm realize business processes through orchestration of services to handle the process’ business activities. These business activities or groups of business activities in some cases realize the compliance controls. We propose an approach for implementing event-based compliance monitoring infrastructure that observes such business processes to verify that compliance is indeed adhered to. Our approach is essentially a model-driven technique for realizing this infrastructure. We implement a domain-specific language for specification of compliance directives, and we include code generation templates to generate compliance monitoring code, which is leveraged by complex event processing components to monitor for compliance. We evaluate the impact of our approach on the effort and productivity of a developer who is specifying compliance directives.

Grafik Top
Authors
  • Mulo, Emmanuel
  • Zdun, Uwe
  • Dustdar, Schahram
Grafik Top
Shortfacts
Category
Journal Paper
Divisions
Software Architecture
Subjects
Software Engineering
Journal or Publication Title
Service Oriented Computing and Applications
Publisher
Springer
Place of Publication
Heildelberg
Page Range
pp. 59-73
Number
1
Volume
7
Date
April 2013
Export
Grafik Top