An MDA-Based Environment for Generating Access Control Policies

Authors:
Heiko Klarl;Florian Marmé;Christian Wolff;Christian Emig;Sebastian Abeck
Affiliations:
iC Consult GmbH, Oberhaching, Germany 82041 and Media Computing, University of Regensburg, Germany;iC Consult GmbH, Oberhaching, Germany 82041 and Cooperation & Management, University of Karlsruhe (TH), Germany;Media Computing, University of Regensburg, Germany;iC Consult GmbH, Oberhaching, Germany 82041 and Cooperation & Management, University of Karlsruhe (TH), Germany;Cooperation & Management, University of Karlsruhe (TH), Germany
Venue:
TrustBus '09 Proceedings of the 6th International Conference on Trust, Privacy and Security in Digital Business
Year:
2009

Citing 8
Cited 2

Model Driven Architecture: Applying MDA to Enterprise Computing

Model Driven Architecture: Applying MDA to Enterprise Computing
PFIRES: a policy framework for information security

Communications of the ACM - A game experience in every application
Development of SOA-Based Software Systems - an Evolutionary Programming Approach

AICT-ICIW '06 Proceedings of the Advanced Int'l Conference on Telecommunications and Int'l Conference on Internet and Web Applications and Services
Business-driven application security: from modeling to managing secure applications

IBM Systems Journal
Secure Business Process Management: A Roadmap

ARES '06 Proceedings of the First International Conference on Availability, Reliability and Security
An Access Control Metamodel for Web Service-Oriented Architecture

ICSEA '07 Proceedings of the International Conference on Software Engineering Advances
Business Process Management: Concepts, Languages, Architectures

Business Process Management: Concepts, Languages, Architectures
M-BPSec: a method for security requirement elicitation from a UML 2.0 business process specification

ER'07 Proceedings of the 2007 conference on Advances in conceptual modeling: foundations and applications

Security-aware web service composition approaches: state-of-the-art

Proceedings of the 13th International Conference on Information Integration and Web-based Applications and Services
Modelling context-aware RBAC models for mobile business processes

International Journal of Wireless and Mobile Computing

Quantified Score

Hi-index	0.00

Visualization

Abstract

Identity management and access control are essential in the enterprise IT landscape in order to control access to applications and to fulfil laws or regulations. The global competition of enterprises leads to short development cycles and fast changes of IT applications, which requires also an error-free and quick adaption of its security. The model-driven development of access control policies promises to cope with this situation. This work introduces an mda-based environment for generating access control policies. A comprehensive overview is given on the organisational aspects, describing details of roles, artefacts and tools involved. On this basis the four phases of a model-driven development process for access control policies and their organisational aspects are presented.