TY - GEN
T1 - A UML profile for role-based access control
AU - Cirit, Çaǧdaş
AU - Buzluca, Feza
PY - 2009
Y1 - 2009
N2 - When building an access control aware system, integrating access control specifications into the development process is problematic. Even if security modeling is structured in the early phases of development, security mechanisms are placed into the system in the final phases. This late integration adversely affects the security and maintainability of the resulting system. In this paper, we present a solution to this problem. We propose a Unified Modeling Language (UML) Profile for Role-Based Access Control (RBAC), with which access control specifications can be modeled graphically together with problem domain specifications from the beginning of the design phase, making it possible to extend security integration over the entire development process. We incorporated significant RBAC constraints, such as static and dynamic separation of duties, into the profile and showed how the Object Constraint Language (OCL) is used to validate the well-formedness and meaning of information models against the RBAC.
AB - When building an access control aware system, integrating access control specifications into the development process is problematic. Even if security modeling is structured in the early phases of development, security mechanisms are placed into the system in the final phases. This late integration adversely affects the security and maintainability of the resulting system. In this paper, we present a solution to this problem. We propose a Unified Modeling Language (UML) Profile for Role-Based Access Control (RBAC), with which access control specifications can be modeled graphically together with problem domain specifications from the beginning of the design phase, making it possible to extend security integration over the entire development process. We incorporated significant RBAC constraints, such as static and dynamic separation of duties, into the profile and showed how the Object Constraint Language (OCL) is used to validate the well-formedness and meaning of information models against the RBAC.
KW - Model driven architecture
KW - Model validation
KW - Object constraint language
KW - Role-based access control
KW - Security engineering
KW - Stereotype
KW - Tagged value
KW - Unified modeling language profile
UR - http://www.scopus.com/inward/record.url?scp=70350637633&partnerID=8YFLogxK
U2 - 10.1145/1626195.1626217
DO - 10.1145/1626195.1626217
M3 - Conference contribution
AN - SCOPUS:70350637633
SN - 9781605584126
T3 - SIN'09 - Proceedings of the 2nd International Conference on Security of Information and Networks
SP - 83
EP - 92
BT - SIN'09 - Proceedings of the 2nd International Conference on Security of Information and Networks
T2 - 2nd International Conference on Security of Information and Networks, SIN'09
Y2 - 6 October 2009 through 10 October 2009
ER -