Model checking
Proposed NIST standard for role-based access control
ACM Transactions on Information and System Security (TISSEC)
Alloy: a lightweight object modelling notation
ACM Transactions on Software Engineering and Methodology (TOSEM)
vUML: A Tool for Verifying UML Models
ASE '99 Proceedings of the 14th IEEE international conference on Automated software engineering
Symbolic model checking of UML activity diagrams
ACM Transactions on Software Engineering and Methodology (TOSEM)
A light-weight static approach to analyzing UML behavioral properties
ICECCS '07 Proceedings of the 12th IEEE International Conference on Engineering Complex Computer Systems
USE: A UML-based specification environment for validating UML and OCL
Science of Computer Programming
Ensuring UML Models Consistency Using the OCL Environment
Electronic Notes in Theoretical Computer Science (ENTCS)
Validating UML models and OCL constraints
UML'00 Proceedings of the 3rd international conference on The unified modeling language: advancing the standard
Model checking security policy model using both UML static and dynamic diagrams
Proceedings of the 4th international conference on Security of information and networks
Comprehensive two-level analysis of role-based delegation and revocation policies with UML and OCL
Information and Software Technology
SUDA: a scenario-based UML design analysis approach
Proceedings of the 2nd International Master Class on Model-Driven Engineering: Modeling Wizards
Hi-index | 0.00 |
Static analysis tools, such as OCLE and USE, can be used to analyze structural properties of class models. The USE tool also provides support for analyzing specified operations through interactive simulations in which users provide operation parameters, and manually assign values to state elements to reflect the effect of an operation. In this paper we describe an approach to statically analyzing behavior that does not require a user to manually simulate behavior. The approach involves transforming a class model into a static model of behavior, called a Snapshot Model. A Snapshot Model characterizes sequences of snapshots, where a snapshot describes an application state. A scenario describing a sequence of operation invocations can be verified against a Snapshot Model using tools such as USE and OCLE. We illustrate our approach by verifying a scenario against a Snapshot Model that describes the behavior of some operations in a role-based access control (RBAC) application.