@inproceedings {INPROC-2022-04,
author = {Ghareeb Falazi and Uwe Breitenb{\"u}cher and Frank Leymann and Miles St{\"o}tzner and Evangelos Ntentos and Uwe Zdun and Martin Becker and Elena Heldwein},
title = {{On Unifying the Compliance Management of Applications Based on IaC Automation}},
booktitle = {2022 IEEE 19th International Conference on Software Architecture Companion (ICSA-C)},
publisher = {IEEE},
institution = {University of Stuttgart, Faculty of Computer Science, Electrical Engineering, and Information Technology, Germany},
pages = {226--229},
type = {Workshop Paper},
month = {March},
year = {2022},
doi = {10.1109/ICSA-C54293.2022.00050},
keywords = {Infrastructure-as-Code; Compliance; IaC},
language = {English},
cr-category = {D.2.2 Software Engineering Design Tools and Techniques,
D.2.11 Software Engineering Software Architectures},
ee = {https://sites.google.com/view/fist-2022},
contact = {ghareeb.falazi@iaas.uni-stuttgart.de},
department = {University of Stuttgart, Institute of Architecture of Application Systems},
abstract = {Infrastructure-as-Code (IaC) technologies are used to automate the deployment
of cloud applications. They promote the usage of code to define and configure
the IT infrastructure of cloud applications allowing them to benefit from
conventional software development practices, which facilitates the rapid
deployment of new versions of application infrastructures without sacrificing
quality or stability. On the other hand, enterprise applications need to
conform to compliance regarding external regulations and internal policies.
Many of these compliance rules affect the application architecture on which IaC
code operates. However, managing the architectural compliance of IaC-based
application deployments faces a number of challenges, such as configuration
drift and the heterogeneity of IaC technologies. Therefore, in this work, we
present a vision on how to uniformly manage the compliance of the
infrastructure of applications that utilize heterogeneous IaC technologies for
deployment automation. To this end, we introduce an initial design for the
IaC-based Architectural Compliance Management Framework and discuss how it
addresses the corresponding challenges.},
url = {http://www2.informatik.uni-stuttgart.de/cgi-bin/NCSTRL/NCSTRL_view.pl?id=INPROC-2022-04&engl=1}
}
@inproceedings {INPROC-2020-27,
author = {Ghareeb Falazi and Uwe Breitenb{\"u}cher and Florian Daniel and Florian Lamparelli and Frank Leymann and Vladimir Yussupov},
title = {{Smart Contract Invocation Protocol (SCIP): A Protocol for the Uniform Integration of Heterogeneous Blockchain Smart Contracts}},
booktitle = {CAiSE 2020: Advanced Information Systems Engineering},
editor = {Schahram Dustdar and Eric Yu and Camille Salinesi and Dominique Rieu and Vik Pant},
address = {Cham},
publisher = {Springer International Publishing},
institution = {University of Stuttgart, Faculty of Computer Science, Electrical Engineering, and Information Technology, Germany},
series = {Lecture Notes in Computer Science},
volume = {12127},
pages = {134--149},
type = {Conference Paper},
month = {June},
year = {2020},
doi = {10.1007/978-3-030-49435-3_9},
keywords = {Smart Contract Invocation Protocol; SCIP; SCL; SCDL; Blockchain; Smart Contract; Integration},
language = {English},
cr-category = {C.2.4 Distributed Systems,
D.2.11 Software Engineering Software Architectures,
D.2.12 Software Engineering Interoperability},
ee = {http://caise20.imag.fr/},
contact = {Ghareeb Falazi ghareeb.falazi@iaas.uni-stuttgart.de},
department = {University of Stuttgart, Institute of Architecture of Application Systems},
abstract = {Blockchains are distributed ledgers that enable the disintermediation of
collaborative processes and, at the same time, foster trust among partners.
Modern blockchains support smart contracts, i.e., software deployed on the
blockchain, and guarantee their repeatable, deterministic execution. Alas,
blockchains and smart contracts lack standardization. Therefore, smart
contracts come with heterogeneous properties, APIs and data formats. This
hinders the integration of smart contracts running in different blockchains,
e.g., into enterprise business processes. This paper introduces the Smart
Contract Invocation Protocol (SCIP), which unifies interacting with smart
contracts of different blockchains. The protocol supports invoking smart
contract functions, monitoring function executions, emitted events, and
transaction finality, as well as querying a blockchain. The protocol is
accompanied by a prototypical implementation of a SCIP endpoint in the form of
a gateway.},
url = {http://www2.informatik.uni-stuttgart.de/cgi-bin/NCSTRL/NCSTRL_view.pl?id=INPROC-2020-27&engl=1}
}
@inproceedings {INPROC-2019-42,
author = {Andrea Lamparelli and Ghareeb Falazi and Uwe Breitenb{\"u}cher and Florian Daniel and Frank Leymann},
title = {{Smart Contract Locator (SCL) and Smart Contract Description Language (SCDL)}},
booktitle = {Service-Oriented Computing - ICSOC 2019 Workshops},
publisher = {Springer},
institution = {University of Stuttgart, Faculty of Computer Science, Electrical Engineering, and Information Technology, Germany},
series = {Lecture Notes in Computer Science (LNCS)},
volume = {12019},
pages = {195--210},
type = {Workshop Paper},
month = {October},
year = {2019},
doi = {10.1007/978-3-030-45989-5_16},
language = {English},
cr-category = {C.2.4 Distributed Systems,
D.2.11 Software Engineering Software Architectures,
D.2.12 Software Engineering Interoperability},
contact = {Ghareeb Falazi ghareeb.falazi@iaas.uni-stuttgart.de},
department = {University of Stuttgart, Institute of Architecture of Application Systems},
abstract = {Today{\^a}€™s blockchain technologies focus mostly on isolated, proprietary
technologies, yet there are application scenarios that ask for
interoperability, e.g., among blockchains themselves or with external
applications. This paper proposes the Smart Contract Locator (SCL) for the
unambiguous identification of smart contracts over the Internet and across
blockchains, and the Smart Contract Description Language (SCDL) for the
abstract description of the external interface of smart contracts. The paper
derives a unified metamodel for blockchain smart contract description and
equips it with a concrete, JSON-based description language for smart contract
search and discovery. The goal of the proposal is to foster smart contract
reuse both inside blockchains and through the integration of smart contracts
inside enterprise applications. The idea is inspired by the Service-Oriented
Architecture (SOA) and aims to provide a high-level, cross-blockchain
interoperability layer.},
url = {http://www2.informatik.uni-stuttgart.de/cgi-bin/NCSTRL/NCSTRL_view.pl?id=INPROC-2019-42&engl=1}
}
@inproceedings {INPROC-2019-41,
author = {Michael Wurster and Uwe Breitenb{\"u}cher and Antonio Brogi and Ghareeb Falazi and Lukas Harzenetter and Frank Leymann and Jacopo Soldani and Vladimir Yussupov},
title = {{The EDMM Modeling and Transformation System}},
booktitle = {Service-Oriented Computing - ICSOC 2019 Workshops},
publisher = {Springer},
institution = {University of Stuttgart, Faculty of Computer Science, Electrical Engineering, and Information Technology, Germany},
pages = {294--298},
type = {Demonstration},
month = {October},
year = {2019},
doi = {10.1007/978-3-030-45989-5_26},
language = {English},
cr-category = {C.0 Computer Systems Organization, General,
D.2 Software Engineering},
contact = {Michael Wurster wurster@iaas.uni-stuttgart.de},
department = {University of Stuttgart, Institute of Architecture of Application Systems},
abstract = {Since deployment automation technologies are heterogeneous regarding their
supported features and modeling languages, selecting a concrete technology is
difficult and can result in a lock-in. Therefore, we presented the Essential
Deployment Metamodel (EDMM) in previous work that abstracts from concrete
technologies and provides a normalized metamodel for creating
technology-independent deployment models. In this demonstration, we present
tool support for EDMM in the form of the EDMM Modeling and Transformation
System, which enables (i) creating EDMM models graphically and (ii)
automatically transforming them into models supported by concrete deployment
automation technologies.},
url = {http://www2.informatik.uni-stuttgart.de/cgi-bin/NCSTRL/NCSTRL_view.pl?id=INPROC-2019-41&engl=1}
}
@inproceedings {INPROC-2019-35,
author = {Ghareeb Falazi and Michael Hahn and Uwe Breitenb{\"u}cher and Frank Leymann and Vladimir Yussupov},
title = {{Process-Based Composition of Permissioned and Permissionless Blockchain Smart Contracts}},
booktitle = {Proceedings of the 2019 IEEE 23rd International Enterprise Distributed Object Computing Conference (EDOC 2019)},
publisher = {IEEE Computer Society},
institution = {University of Stuttgart, Faculty of Computer Science, Electrical Engineering, and Information Technology, Germany},
pages = {77--87},
type = {Conference Paper},
month = {October},
year = {2019},
doi = {10.1109/EDOC.2019.00019},
language = {English},
cr-category = {C.2.4 Distributed Systems,
D.2.2 Software Engineering Design Tools and Techniques,
D.2.11 Software Engineering Software Architectures},
ee = {https://edoc2019.sciencesconf.org/},
department = {University of Stuttgart, Institute of Architecture of Application Systems},
abstract = {Blockchains are distributed systems that facilitate the interaction of
autonomous entities with limited mutual trust. Many of them support
transactional applications known as smart contracts, which access and modify
the shared world state. Permissionless blockchains are completely decentralized
and do not require mutual trust between interacting peers, but at the expense
of having low performance and limited data confidentiality capabilities. On the
other hand, permissioned blockchains solve these issues, but sacrifice complete
decentralization and involve more trust assumptions. Therefore, there is no
single blockchain system suitable for all use-cases. However, this becomes a
serious integration challenge for enterprises that need to interact with
multiple permissioned and permissionless blockchains in the same context. To
facilitate this, we propose an approach that enables composing smart contract
functions of various permissioned and permissionless blockchain systems by
providing the ability to invoke them directly from business process models
using a new task type. To keep this task blockchain-agnostic, we designed a
generic technique to identify smart contract functions, as well as a generic
metric to describe the degree-of-confidence in the finality of blockchain
transactions. Thereby, the proposed approach extends our previous work,
BlockME, which provides business modeling extensions only suitable for
interacting with permissionless blockchains. To validate the practical
feasibility of our approach, we provide a detailed system architecture and a
prototypical implementation supporting multiple blockchains.
Keywords: blockchains, business process management, permissioned blockchains,
smart contract composition, blockchain access layer, BlockME2},
url = {http://www2.informatik.uni-stuttgart.de/cgi-bin/NCSTRL/NCSTRL_view.pl?id=INPROC-2019-35&engl=1}
}
@inproceedings {INPROC-2018-43,
author = {Ghareeb Falazi and Uwe Breitenb{\"u}cher and Michael Falkenthal and Lukas Harzenetter and Frank Leymann and Vladimir Yussupov},
title = {{Blockchain-based Collaborative Development of Application Deployment Models}},
booktitle = {On the Move to Meaningful Internet Systems. OTM 2018 Conferences (CoopIS 2018)},
publisher = {Springer International Publishing AG},
institution = {University of Stuttgart, Faculty of Computer Science, Electrical Engineering, and Information Technology, Germany},
series = {Lecture Notes in Computer Science},
volume = {11229},
pages = {40--60},
type = {Conference Paper},
month = {October},
year = {2018},
isbn = {978-3-030-02610-3},
doi = {10.1007/978-3-030-02610-3_3},
keywords = {Blockchains; Distributed Storage System; Collaborative Modeling; Declarative Software Deployment Models},
language = {English},
cr-category = {C.2.4 Distributed Systems,
H.4.1 Office Automation},
contact = {Ghareeb Falazi: ghareeb.falazi@iaas.uni-stuttgart.de},
department = {University of Stuttgart, Institute of Architecture of Application Systems},
abstract = {The automation of application deployment is vital today as manually deploying
applications is too slow and error prone. For this reason, various deployment
automation technologies have been developed that process deployment models to
automatically deploy applications. However, in many scenarios, these deployment
models have to be created in collaborative processes involving multiple
participants that belong to independent organizations. For example, in data
analytics scenarios, often external data scientists develop algorithms to
process business-critical data of a company, while IT experts specify the
technical infrastructure to deploy algorithms and data. However, as these
deployment modeling processes are typically highly iterative and as the
participating organizations may have competing interests, the degree of trust
they have in each other is limited. Thus, without a guarantee of
accountability, iterative collaborative deployment modeling is not possible in
business critical domains. In this paper, we propose a decentralized approach
that aims at achieving accountability in collaborative deployment modeling
processes by utilizing public blockchains to store intermediate states of the
collaborative deployment model in a way that guarantees its integrity and
allows obtaining the history of changes it went through. The approach utilizes
the same blockchain to establish the identity and authenticity of all
participants of the process. We validate our approach by providing an
architecture and a prototypical implementation of a blockchain-based deployment
modeling environment based on the TOSCA standard.},
url = {http://www2.informatik.uni-stuttgart.de/cgi-bin/NCSTRL/NCSTRL_view.pl?id=INPROC-2018-43&engl=1}
}
@article {ART-2020-07,
author = {Ghareeb Falazi and Andrea Lamparelli and Uwe Breitenb{\"u}cher and Florian Daniel and Frank Leymann},
title = {{Unified Integration of Smart Contracts Through Service Orientation}},
journal = {IEEE Software},
publisher = {IEEE},
volume = {37},
number = {5},
type = {Article in Journal},
month = {May},
year = {2020},
doi = {10.1109/MS.2020.2994040},
keywords = {SCDL; SCL; SCIP; blockchains; smart contracts; integration},
language = {English},
cr-category = {C.2.4 Distributed Systems,
D.2.11 Software Engineering Software Architectures,
D.2.12 Software Engineering Interoperability},
ee = {https://ieeexplore.ieee.org/document/9091576},
contact = {Ghareeb Falazi ghareeb.falazi@iaas.uni-stuttgart.de},
department = {University of Stuttgart, Institute of Architecture of Application Systems},
abstract = {This article introduces the reader to a set of technologies that lay the
foundation for a service-oriented integration of smart contracts into generic
software applications, such as business processes or enterprise applications.
Using a typical supply chain scenario, the article showcases the use of the
Smart Contract Description Language (SCDL) to describe the external interfaces
of smart contracts, the Smart Contract Locator (SCL) to locate contracts
deployed inside blockchain networks, and the Smart Contract Invocation Protocol
(SCIP) to interact with them from the outside of the blockchain networks. The
three specifications abstract away from blockchain specifics, provide
developers with a unified view over multiple, heterogeneous blockchain
technologies, and are supported by a reference implementation of a SCIP
endpoint able to automatically turn abstract interactions into
blockchain-specific ones.},
url = {http://www2.informatik.uni-stuttgart.de/cgi-bin/NCSTRL/NCSTRL_view.pl?id=ART-2020-07&engl=1}
}
@article {ART-2019-19,
author = {Vladimir Yussupov and Ghareeb Falazi and Michael Falkenthal and Frank Leymann},
title = {{Protecting Deployment Models in Collaborative Cloud Application Development}},
journal = {International Journal On Advances in Security},
publisher = {IARIA},
volume = {12},
number = {1\&2},
pages = {79--94},
type = {Article in Journal},
month = {June},
year = {2019},
issn = {1942-2636},
keywords = {Collaboration; Security Policy; Confidentiality; Integrity; Deployment Model; Deployment Automation; TOSCA},
language = {English},
cr-category = {D.2.11 Software Engineering Software Architectures,
D.4.6 Operating Systems Security and Protection},
contact = {Vladimir Yussupov yussupov@iaas.uni-stuttgart.de},
department = {University of Stuttgart, Institute of Architecture of Application Systems},
abstract = {Profitability of industrial processes today depends on well-timed utilization
of new technologies. Development of cloud applications combining cross-domain
knowledge from multiple collaborating parties is one common way to enhance
manufacturing. Often, such collaborations are not centralized due to
outsourcing or rearrangements in organizational structures. Moreover, manual
deployment inefficiency and intellectual property issues further tangle the
development process of such applications. While the development of deployment
models obviates the necessity to manually deploy applications, a way to protect
sensitive data in exchanged deployment models is still needed. In this work, we
describe the specifics of modeling and enforcement of security requirements for
deployment models in the context of decentralized collaborative cloud
application development. We provide a stepwise demonstration of how security
requirements can be specified and enforced in a collaborative development
scenario based on the TOSCA cloud standard. Furthermore, we conceptualize the
system architecture, provide details about the implementation of certain
approach-specific operations, and discuss the limitations of the approach.
Finally, we show the feasibility of the presented concepts via an open-source
prototype.},
url = {http://www2.informatik.uni-stuttgart.de/cgi-bin/NCSTRL/NCSTRL_view.pl?id=ART-2019-19&engl=1}
}
@article {ART-2019-14,
author = {Ghareeb Falazi and Vikas Khinchi and Uwe Breitenb{\"u}cher and Frank Leymann},
title = {{Transactional properties of permissioned blockchains}},
journal = {SICS Software-Intensive Cyber-Physical Systems},
address = {Heidelberg},
publisher = {Springer Berlin Heidelberg},
pages = {1--13},
type = {Article in Journal},
month = {August},
year = {2019},
doi = {10.1007/s00450-019-00411-y},
keywords = {Blockchains; Permissioned Blockchains; Transaction Processing; Replicated Databases; Distributed Databases},
language = {English},
cr-category = {C.2.4 Distributed Systems,
H.2.4 Database Management Systems},
contact = {Ghareeb Falazi ghareeb.falazi@iaas.uni-stuttgart.de},
department = {University of Stuttgart, Institute of Architecture of Application Systems},
abstract = {Traditional distributed transaction processing (TP) systems, such as replicated
databases, faced difficulties in getting wide adoption for scenarios of
enterprise integration due to the level of mutual trust required. Ironically,
public blockchains, which promised to solve the problem of mutual trust in
collaborative processes, suffer from issues like scalability, probabilistic
transaction finality, and lack of data confidentiality. To tackle these issues,
permissioned blockchains were introduced as an alternative approach combining
the positives of the two worlds and avoiding their drawbacks. However, no
sufficient analysis has been done to emphasize their actual capabilities
regarding TP. In this paper, we identify a suitable collection of TP criteria
to analyze permissioned blockchains and apply them to a prominent set of these
systems. Finally, we compare the derived properties and provide general
conclusions.},
url = {http://www2.informatik.uni-stuttgart.de/cgi-bin/NCSTRL/NCSTRL_view.pl?id=ART-2019-14&engl=1}
}
@article {ART-2019-02,
author = {Ghareeb Falazi and Michael Hahn and Uwe Breitenb{\"u}cher and Frank Leymann},
title = {{Modeling and execution of blockchain-aware business processes}},
journal = {SICS Software-Intensive Cyber-Physical Systems},
address = {Heidelberg},
publisher = {Springer Berlin Heidelberg},
pages = {1--12},
type = {Article in Journal},
month = {February},
year = {2019},
doi = {10.1007/s00450-019-00399-5},
keywords = {Blockchains; Business Process Management Systems; BPMN; Modeling; BlockME; Blockchain Access Layer; BAL; BPMN Extension},
language = {English},
cr-category = {C.2.4 Distributed Systems,
D.2.2 Software Engineering Design Tools and Techniques,
D.2.11 Software Engineering Software Architectures,
D.2.12 Software Engineering Interoperability},
contact = {Ghareeb Falazi ghareeb.falazi@iaas.uni-stuttgart.de},
department = {University of Stuttgart, Institute of Architecture of Application Systems},
abstract = {The blockchain is an emerging technology that allows multiple parties to agree
on a common state without the need for trusted intermediaries. Moreover,
business process technology streamlines the automation of inter- and
intra-organizational processes while cutting-down on costs. With the new
business opportunities provided by blockchains, it becomes vital to combine
both technologies to allow the modeling and execution of blockchain-based
interactions within business processes. However, the existing business process
modeling languages lack support to intuitively model the various interactions
with blockchains. In this paper we address this issue by proposing a business
process modeling extension that captures the particularities of blockchains. We
also show how to transform the proposed constructs into standard-compliant
models, and we present an integration architecture that allows external
applications, to communicate with the blockchains. Finally, we validate our
approach by providing a prototypical implementation that proves its practical
feasibility.},
url = {http://www2.informatik.uni-stuttgart.de/cgi-bin/NCSTRL/NCSTRL_view.pl?id=ART-2019-02&engl=1}
}