Role-Based Access Control Models
Computer
SecureUML: A UML-Based Modeling Language for Model-Driven Security
UML '02 Proceedings of the 5th International Conference on The Unified Modeling Language
Practical Domain and Type Enforcement for UNIX
SP '95 Proceedings of the 1995 IEEE Symposium on Security and Privacy
Verifying information flow goals in security-enhanced Linux
Journal of Computer Security - Special issue on WITS'03
Model driven security: From UML models to access control infrastructures
ACM Transactions on Software Engineering and Methodology (TOSEM)
SELinux by Example: Using Security Enhanced Linux (Prentice Hall Open Source Software Development Series)
Analyzing integrity protection in the SELinux example policy
SSYM'03 Proceedings of the 12th conference on USENIX Security Symposium - Volume 12
The flask security architecture: system support for diverse security policies
SSYM'99 Proceedings of the 8th conference on USENIX Security Symposium - Volume 8
A Systematic Approach to Domain-Specific Language Design Using UML
ISORC '07 Proceedings of the 10th IEEE International Symposium on Object and Component-Oriented Real-Time Distributed Computing
Modeling and Enforcing Advanced Access Control Policies in Healthcare Systems with Sectet
Models in Software Engineering
Model driven security for inter-organizational workflows in e-government
TCGOV'05 Proceedings of the 2005 international conference on E-Government: towards Electronic Democracy
| Hi-index | 0.00 |
The need for access control in computer systems is inherent. However, the complexity to configure such systems is constantly increasing which affects the overall security of a system negatively. We think that it is important to define security requirements on a non-technical level while taking the application domain into respect in order to have a clear and separated view on security configuration (i.e. unblurred by technical details). On the other hand, security functionality has to be tightly integrated with the system and its development process in order to provide comprehensive means of enforcement. In this paper, we propose a systematic approach based on model-driven security configuration to leverage existing operating system security mechanisms (SELinux) for realising access control. We use UML models and develop a UML profile to satisfy these needs. Our goal is to exploit a comprehensive protection mechanism while rendering its security policy manageable by a domain specialist.