Using Parameterized UML to Specify and Compose Access Control Models
نویسندگان
چکیده
Abstract: Situations can arise in which organizations have to merge policies that are based on different access control frameworks, such as Role Based Access Control (RBAC) and Mandatory Access Control (MAC). Integrating policies requires addressing the following question: How will the integration impact access to protected resources? In particular, one needs to determine that the integration does not result in security breaches or unavailability of resources. A way of addressing these concerns is to model the access control frameworks, compose the models, and analyze the resulting model to identify problems. In this paper we outline a technique for modeling and composing access control policy frameworks. Specifically, we model RBAC and MAC using a variant of the Unified Modeling Language (UML) and show how to compose the models. The composed model can be used as a base for defining access control policies in a military domain.
منابع مشابه
Mapping Sequence diagram in Fuzzy UML to Fuzzy Petri Net
This ability in fuzzy UML, practically leaves the customers and market’s need without response in this important and vital area. Here, the available sequence diagrams in fuzzy UML will map into fuzzy Petri net. However, the formal models ability will be added to the Semi-formal fuzzy UML. This formalization will add the automatic processing ability to the Semi-formal fuzzy UML. Further more, t...
متن کاملModeling Role-Based Access Control Using Parameterized UML Models
Organizations use Role-Based Access Control (RBAC) to protect computer-based resources from unauthorized access. There has been considerable work on formally specifying RBAC policies but there is still a need for RBAC policy specification techniques that can be integrated into software design methods. This paper describes a method for incorporating specifications of RBAC policies into UML desig...
متن کاملReconstructing a formal security model
Role-based access control (RBAC) is a flexible approach to access control, which has generated great interest in the security community. The principal motivation behind RBAC is to simplify the complexity of administrative tasks. Several formal models of RBAC have been introduced. However, there are a few works specifying RBAC in a way which system developers or software engineers can easily und...
متن کاملAspect Oriented UML to ECORE Model Transformation
With the emerging concept of model transformation, information can be extracted from one or more source models to produce the target models. The conversion of these models can be done automatically with specific transformation languages. This conversion requires mapping between both models with the help of dynamic hash tables. Hash tables store reference links between the elements of the source...
متن کاملAspect-Oriented Modeling of Access Control in Web Applications
Access control is only inadequately supported by the common design methods for Web applications. We propose an aspect-oriented technique for solving this problem. Our approach is an extension of UML-based Web Engineering. UML state machines are used to specify the access control rules of navigation nodes. Aspectoriented modeling helps modularize the design.
متن کامل