The Open UniversitySkip to content

Model-Based Analysis of Role-Based Access Control

Montrieux, Lionel (2013). Model-Based Analysis of Role-Based Access Control. PhD thesis. The Open University.

Full text available as:
PDF (Version of Record) - Requires a PDF viewer such as GSview, Xpdf or Adobe Acrobat Reader
Download (3MB) | Preview
Google Scholar: Look up in Google Scholar


Model-Driven Engineering (MDE) has been extensively studied. Many directions have been explored, sometimes with the dream of providing a fully integrated approach for designers, developers and other stakeholders to create, reason about and modify models representing software systems.
Most, but not all, of the research in MDE has focused on general-purpose languages and models, such as Java and UML. Domain-specific and cross-cutting concerns, such as security, are increasingly essential parts of a software system, but are only treated as second-class citizens in the most popular modelling languages. Efforts have been made to give security, and in particular access control, a more prominent place in MDE, but most of these approaches require advanced knowledge in security, programming (often declarative), or both, making them difficult to use by less technically trained stakeholders. In this thesis, we propose an approach to modelling, analysing and automatically fixing role-based access control (RBAC) that does not require users to write code or queries themselves. To this end, we use two UML profiles and associated OCL constraints that provide the modelling and analysis features. We propose a taxonomy of OCL constraints and use it to define a partial order between categories of constraints, that we use to propose strategies to speed up the models’ evaluation time. Finally, by representing OCL constraints as constraints on a graph, we propose an automated approach for generating lists of model changes that can be applied to an incorrect model in order to fix it. All these features have been fully integrated into a UML modelling IDE, IBM Rational Software Architect.

Item Type: Thesis (PhD)
Copyright Holders: 2013 The Open University
Keywords: model-driven software architecture; computer security; computer networks; access control
Academic Unit/School: Faculty of Science, Technology, Engineering and Mathematics (STEM) > Computing and Communications
Item ID: 38672
Depositing User: Lionel Montrieux
Date Deposited: 10 Oct 2013 15:40
Last Modified: 10 May 2019 14:59
Share this page:

Download history for this item

These details should be considered as only a guide to the number of downloads performed manually. Algorithmic methods have been applied in an attempt to remove automated downloads from the displayed statistics but no guarantee can be made as to the accuracy of the figures.

Actions (login may be required)

Policies | Disclaimer

© The Open University   contact the OU