<\/p>\n
L’approche \u00e0 services est apparue en ayant pour but de construire des applications \u00e0 partir d’entit\u00e9s logicielles, nomm\u00e9es services. Un service fournit un ensemble de fonctionnalit\u00e9s d\u00e9finies par une description de services. A partir de cette description, un consommateur de service peut rechercher un service qui corresponde \u00e0 ses besoins, le s\u00e9lectionner et l’invoquer. La construction d’applications par composition de services demeure n\u00e9anmoins une activit\u00e9 complexe puisqu’il faut traiter conjointement les aspects m\u00e9tier et techniques ; la composition doit satisfaire aux exigences fonctionnelles et non-fonctionnelles ainsi que respecter les contraintes des technologies \u00e0 services li\u00e9es, notamment, \u00e0 l’h\u00e9t\u00e9rog\u00e9n\u00e9it\u00e9 des plates-formes. Par ailleurs, les points forts de l’architecture \u00e0 services, qui sont la distribution et le d\u00e9ploiement des services sur des plates-formes h\u00e9t\u00e9rog\u00e8nes, ouvrent d\u2019importantes failles de s\u00e9curit\u00e9.<\/p>\n
Nos travaux sont bas\u00e9s sur une approche dirig\u00e9e par les mod\u00e8les pour simplifier la r\u00e9alisation d’applications bas\u00e9es sur une orchestration de services h\u00e9t\u00e9rog\u00e8nes en prenant en consid\u00e9ration les aspects de s\u00e9curit\u00e9 d\u00e8s l’\u00e9tape de conception. Pour cela, nous avons d\u00e9fini deux m\u00e9ta-mod\u00e8les : l’un pour l’orchestration de services et l’autre pour la s\u00e9curit\u00e9, ainsi que des liens entre ces m\u00e9ta-mod\u00e8les dans le but d\u2019\u00e9tendre l’orchestration avec des propri\u00e9t\u00e9s de s\u00e9curit\u00e9. Ainsi, il est possible de r\u00e9aliser des mod\u00e8les d’orchestration de services h\u00e9t\u00e9rog\u00e8nes et s\u00e9curis\u00e9s conformes aux m\u00e9ta-mod\u00e8les. A partir de ces mod\u00e8les, nous g\u00e9n\u00e9rons le code n\u00e9cessaire \u00e0 l’ex\u00e9cution de l’orchestration. L’ex\u00e9cution se fait en fonction des mod\u00e8les d\u00e9finis dans la phase de conception et des services disponibles qui r\u00e9pondent aux sp\u00e9cifications.<\/p>\n
Mots-cl\u00e9s :<\/b> Approche \u00e0 services, Composition de services, S\u00e9curit\u00e9, Approche g\u00e9n\u00e9rative.<\/p>\n
Publications associ\u00e9es<\/b><\/p>\n <\/p>\n Service-oriented Computing (SOC) has appeared recently as a new software engineering paradigm. The very purpose of this reuse-based approach is to build applications through the late composition of independent software elements, called services, which are made available at run-time by internal or external providers. SOC brings properties of major interest. First, it supports rapid application development. Using existing, already tested, services is likely to reduce the time needed to build up an application and the overall quality of this application. SOC also improves software flexibility through late binding. A service to be used by an application is chosen at the last moment, based on its actual availability and on its properties at that moment.<\/p>\n The service orientation has also to face thorny problems, as in any reuse-based approach. In this work, we focus on two major issues: the integration of heterogeneous service-oriented technologies and the management of security aspects when invoking a service. Security is actually a major concern to SOC practitioners. SOC technologies have allowed companies to expose applications, internally and externally, and, for that reason are heavily used. However, in some distributed environments, software services and process engines can be alarmingly vulnerable. Service-based processes can expose organizations to a considerable amount of security risk and dependability degradation.<\/p>\n We propose to use a model-driven approach for solving this problem. During system design, paradigms such as abstraction, separation of concerns and language definition are used to define a model of the service composition with security properties. This model is transformed into an execution model. We present a generative environment applying these principles for service composition.<\/p>\n Keywords:<\/b> Service-oriented approach, service composition, security, generative approach.<\/p>\n Related work<\/b><\/p>\n <\/p>\n L’approche \u00e0 services est apparue en ayant pour but de construire des applications \u00e0 partir d’entit\u00e9s logicielles, nomm\u00e9es services. Un service fournit un ensemble de fonctionnalit\u00e9s d\u00e9finies par une description de services. A partir de cette description, un consommateur de … Continue reading \n
\n