Proposed NIST standard for role-based access control
ACM Transactions on Information and System Security (TISSEC)
MDA Explained: The Model Driven Architecture: Practice and Promise
MDA Explained: The Model Driven Architecture: Practice and Promise
Model driven security: From UML models to access control infrastructures
ACM Transactions on Software Engineering and Methodology (TOSEM)
MODELS '09 Proceedings of the 12th International Conference on Model Driven Engineering Languages and Systems
Rapid UI development for enterprise applications: combining manual and model-driven techniques
MODELS'10 Proceedings of the 13th international conference on Model driven engineering languages and systems: Part I
A decade of model-driven security
Proceedings of the 16th ACM symposium on Access control models and technologies
Automatic generation of smart, security-aware GUI models
ESSoS'10 Proceedings of the Second international conference on Engineering Secure Software and Systems
| Hi-index | 0.00 |
In this tutorial we survey a very promising instance of modeldriven security: the full generation of security-aware graphical user interfaces (GUIs) from models for data-centric applications with access control policies. We describe the modeling concepts and languages employed and how model transformation can be used to automatically lift security policies from data models to GUI models. We work through a case study where we generate a security-aware GUI for a chatroom application. We also present a toolkit that supports the construction of security, data, and GUI models and generates complete, deployable, web applications from these models.