Modeling process-related RBAC models with extended UML activity models
نویسندگان
چکیده
Article history: Received 28 July 2010 Received in revised form 30 November 2010 Accepted 30 November 2010 Available online 13 December 2010
منابع مشابه
Consistency Checks for Duties in Extended UML2 Activity Models
Process-aware information systems support the execution of business processes. In this context, organizations require the precise specification of security policies that govern the behavior of subjects in the systems. Obligation policies specify duties to be fulfilled by certain subjects. In organizational contexts, duties are often associated with a certain task in a business process. In this ...
متن کاملModelling context-aware RBAC models for mobile business processes
In a mobile computing environment, distributed business processes are executed in varying contexts. Context-aware access control mechanisms help to protect sensitive data and services in mobile application scenarios. Context constraints are a means to consider context information in access control decisions. In this paper, we integrate context constraints with process-related role-based access ...
متن کاملModel-driven specification and enforcement of RBAC break-glass policies for process-aware information systems
Context: In many organizational environments critical tasks exist which – in exceptional cases such as an emergency – must be performed by a subject although he/she is usually not authorized to perform these tasks. Break-glass policies have been introduced as a sophisticated exception handling mechanism to resolve such situations. They enable certain subjects to break or override the standard a...
متن کاملReconstructing a formal security model
Role-based access control (RBAC) is a flexible approach to access control, which has generated great interest in the security community. The principal motivation behind RBAC is to simplify the complexity of administrative tasks. Several formal models of RBAC have been introduced. However, there are a few works specifying RBAC in a way which system developers or software engineers can easily und...
متن کاملIntegrating Access Control into UML for Secure Software Modeling and Analysis
Access control models are often an orthogonal activity when designing, implementing, and deploying software applications. Role-based access control (RBAC) which targets privileges based on responsibilities within an application and mandatory access control (MAC) that emphasizes the protection of information via security tags are two dominant approaches in this regard. The integration of access ...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
عنوان ژورنال:
- Information & Software Technology
دوره 53 شماره
صفحات -
تاریخ انتشار 2011