A UML profile for role-based access control

Çaǧdaş Cirit*, Feza Buzluca

*Bu çalışma için yazışmadan sorumlu yazar

Araştırma sonucu: Kitap/Rapor/Konferans Bildirisinde BölümKonferans katkısıbilirkişi

11 Atıf (Scopus)

Özet

When building an access control aware system, integrating access control specifications into the development process is problematic. Even if security modeling is structured at the early phases of development, security mechanisms are placed into the system at the final phases. This late integration affects security and maintainability of the resulting system in a bad way. In this paper, we present a solution for this problem. We propose a Unified Modeling Language (UML) Profile for Role-Based Access Control (RBAC), with which access control specifications can be modeled graphically together with problem domain specifications from the beginning of the design phase, making it possible to extend security integration over entire development process. We employed significant RBAC constraints like static and dynamic separation of duties into the profile and introduced how Object Constraint Language (OCL) is used to validate well-formedness and meaning of information models against the RBAC.

Orijinal dilİngilizce
Ana bilgisayar yayını başlığıSIN'09 - Proceedings of the 2nd International Conference on Security of Information and Networks
Sayfalar83-92
Sayfa sayısı10
DOI'lar
Yayın durumuYayınlandı - 2009
Etkinlik2nd International Conference on Security of Information and Networks, SIN'09 - Famagusta, Cyprus
Süre: 6 Eki 200910 Eki 2009

Yayın serisi

AdıSIN'09 - Proceedings of the 2nd International Conference on Security of Information and Networks

???event.eventtypes.event.conference???

???event.eventtypes.event.conference???2nd International Conference on Security of Information and Networks, SIN'09
Ülke/BölgeCyprus
ŞehirFamagusta
Periyot6/10/0910/10/09

Parmak izi

A UML profile for role-based access control' araştırma başlıklarına git. Birlikte benzersiz bir parmak izi oluştururlar.

Alıntı Yap