Core Role Based Access Control (RBAC) has several limitations with respect to the Service Oriented Architecture (SOA) paradigm. In SOA, permissions to execute web services are not assigned statically to roles; instead, they are associated with a set of Permission Assignment Constraints (PAC), and a role is assigned the permission to execute a web service once those constraints are fulfilled. Further, RBAC does not support partial inheritance, which is an integral requirement in SOA. A major challenge in SOA is the inheritance of permissions associated with PAC in the presence of role hierarchies. This contribution has three objectives. First, we propose an extension to Role Based Access Control (available at csrc.nist.gov/rbac/), which we call Constraint based RBAC (CRBAC), in order to make RBAC applicable to the dynamic environment of SOA. Within CRBAC, a high-level language called SECTET-PL (available at http://qe-informatik.uibk.ac.at/~muhammad/TechnicalReportSECTETPL.pdf) is used for the specification of PAC. Being part of the SECTET-framework for model-driven security for B2B-workflows, SECTET-PL is a policy language influenced by OCL (available at http://www.omg.org/docs/ptc/03-10-14.pdf) and interpreted in the context of UML models. Using the Model Driven Architecture (MDA) (available at http://www.omg.org/mda) paradigm, we then describe the transformation of high-level security models to low-level web services standard artefacts with the help of the Eclipse Modelling Framework and OpenArchitectureWare. Finally, we present the target architecture of the SECTET-framework, which is used to realize the security artefacts generated from the transformations and thus completes the MDA cycle.