From Access Control Policies to an Aspect-Based Infrastructure: A Metamodel-Based Approach

Authors:
Christiano Braga
Affiliations:
Universidad Complutense de Madrid,
Venue:
Models in Software Engineering
Year:
2009

Citing 15
Cited 1

Order-sorted algebra I: equational deduction for multiple inheritance, overloading, exceptions and partial operations

Theoretical Computer Science
Role-Based Access Control Models

Computer
Object-oriented software construction (2nd ed.)

Object-oriented software construction (2nd ed.)
An Overview of AspectJ

ECOOP '01 Proceedings of the 15th European Conference on Object-Oriented Programming
Security Through Aspect-Oriented Programming

Proceedings of the IFIP TC11 WG11.4 First Annual Working Conference on Network Security: Advances in Network and Distributed Systems Security
Model driven security: From UML models to access control infrastructures

ACM Transactions on Software Engineering and Methodology (TOSEM)
Role-Based Access Control, Second Edition

Role-Based Access Control, Second Edition
Model-Driven Security in Practice: An Industrial Experience

ECMDA-FA '08 Proceedings of the 4th European conference on Model Driven Architecture: Foundations and Applications
Automated analysis of security-design models

Information and Software Technology
A model transformation semantics and analysis methodology for SecureUML

MoDELS'06 Proceedings of the 9th international conference on Model Driven Engineering Languages and Systems
Model transformations? transformation models!

MoDELS'06 Proceedings of the 9th international conference on Model Driven Engineering Languages and Systems
An aspect-oriented approach to declarative access control for web applications

APWeb'06 Proceedings of the 8th Asia-Pacific Web conference on Frontiers of WWW Research and Development
Dynamic secure aspect modeling with UML: from models to code

MoDELS'05 Proceedings of the 8th international conference on Model Driven Engineering Languages and Systems
A formal enforcement framework for role-based access control using aspect-oriented programming

MoDELS'05 Proceedings of the 8th international conference on Model Driven Engineering Languages and Systems
ITP/OCL: a rewriting-based validation tool for UML+OCL static class diagrams

AMAST'06 Proceedings of the 11th international conference on Algebraic Methodology and Software Technology

On the specification, verification and implementation of model transformations with transformation contracts

SBMF'11 Proceedings of the 14th Brazilian conference on Formal Methods: foundations and Applications

Quantified Score

Hi-index	0.00

Visualization

Abstract

Security is among the most successful applications of aspect-oriented concepts. In particular, in role-based access control, aspects capture access conditions in a quite modular way. The question we address in this paper is how can aspects be generated from access control policies under a validated process? We present a metamodel-based transformation from SecureUML, a role-based access control language, to an abstract aspect language. Within this model-driven engineering context, a security policy is represented as an instance of SecureUML's metamodel and the generated aspect is represented as an instance of the abstract aspect language metamodel. Invariants specified on the merged metamodel of SecureUML and the abstract aspect language are checked to validate the generated aspect with respect to the given security policy. We have prototyped our approach as a Java application on top of ITP/OCL, a rewriting-based OCL evaluator. It outputs validated AspectJ code from a SecureUML policy.