Tool support for UML-based specification and verification of role-based access control properties

Montrieux, Lionel; Wermelinger, Michel and Yu, Yijun (2011). Tool support for UML-based specification and verification of role-based access control properties. In: 8th joint meeting of the European Software Engineering Conference and the ACM SIGSOFT Symposium on the Foundations of Software Engineering , 4-9 Sep 2011, Szeged, Hungary.

Full text available as:

Preview

PDF (Version of Record) - Requires a PDF viewer such as GSview, Xpdf or Adobe Acrobat Reader Download (299Kb)

Google Scholar:	Look up in Google Scholar

Abstract

It has been argued that security perspectives, of which access control is one, should be taken into account as early as possible in the software development process. Towards that goal, we present in this paper a tool supporting our modelling approach to specify and verify access control in accordance to the NIST standard Role-Based Access Control (RBAC). RBAC is centred on mapping users to their roles in an organisation, to make access control permissions easier to set and maintain.
Our modelling approach uses only standard UML mechanisms, like metamodels and OCL constraints, and improves on existing approaches in various ways: designers don’t have to learn new languages or adopt new tools or methodologies; user-role and role-permission assignments can be specified separately to be reused across models; access control is specified over class and activity diagrams, including ‘anti-scenarios’; access control is automatically verified. The tool is built on top of an existing modelling IDE and allows for automatic verification of models according to our RBAC modelling approach, while providing users with the ability to easily identify and correct errors in the model when they are detected.

Item Type:	Conference Item
Copyright Holders:	2011 ACM
Extra Information:	The UML profile and example described in this paper can be downloaded from the Related URL given below. Pages: 456-459 ISBN: 978-1-4503-0443-6
Keywords:	security; UML; RBAC; model; verification; OCL; model-driven engineering
Academic Unit/Department:	Mathematics, Computing and Technology > Computing & Communications
Interdisciplinary Research Centre:	Centre for Research in Computing (CRC)
Related URLs:	http://computing-research.open.ac.uk/rba...(Other) http://dl.dropbox.com/u/7125840/rbacUML-...(Other)
Item ID:	29066
Depositing User:	Michel Wermelinger
Date Deposited:	12 Jul 2011 08:44
Last Modified:	24 Oct 2012 23:23
URI:	http://oro.open.ac.uk/id/eprint/29066

Actions (login may be required)

	View Item
RDF+XMLBibTeXRDF+N-TriplesJSONDublin CoreAtomOAI-ORE Resource Map (Atom Format)Simple MetadataReferMETSOAI-ORE Resource Map (RDF Format)HTML CitationASCII CitationMultiline CSVRefMan RIS Format (UTF-8)OpenURL ContextObjectEndNoteMODSOpenURL ContextObject in SpanMPEG-21 DIDLEP3 XMLRefMan RIS FormatRDF+N3Eprints Application Profile	Report issue / request change