Describing Access Control Patterns Using Roles

Access control patterns describe access control mechanisms at a high level of abstraction. An access control pattern provides a general solution to a class of access control problems for the confidentiality, integrity and availability of the information resources of software systems. While there has been much literature describing the general solution as to how these patterns enforce access control voluminously, there is little work that describes the patterns in a pattern template using appropriate notations for an easy and quick reference. In this paper, we present pattern descriptions of three commonly used access control patterns (DAC, MAC, RBAC) described in the template of pattern-oriented software architecture (POSA). We use an extension of the UML for representing the structure and behaviors of the patterns to capture variations of pattern realizations. We also attempt to give more details on the problem domain of the patterns to help developers choose an suitable pattern.