Karsten, Thomas2011-12-272016-03-312011-12-272016-03-312011356725286http://nbn-resolving.de/urn:nbn:de:bsz:93-opus-69991http://elib.uni-stuttgart.de/handle/11682/2805http://dx.doi.org/10.18419/opus-2788Service-oriented architecture offers a promising approach for supporting interoperability and flexibility in the context of increasingly dynamic and rapidly changing requirements in the business world. However, encapsulation of business functionalities as self-contained services, as one of the main concepts in a SOA, brings new challenges. While business experts concentrate on the domain-specific aspects, other non-functional requirements such as security remain mostly neglected, if all understood. Costs for security administration may increase, business-driven security requirements may not be addressed and security configurations may not match at all internal and external regulations and guidelines. Based on these needs, we propose a technology-independent framework that provides graphical concepts for incorporating the security demands, facilitating the handling of security requirements from the specification to their realization.eninfo:eu-repo/semantics/openAccess004masterThesis