Design patterns: elements of reusable object-oriented software
Design patterns: elements of reusable object-oriented software
An approach for exploring code improving transformations
ACM Transactions on Programming Languages and Systems (TOPLAS)
Application of XML tools for enterprise-wide RBAC implementation tasks
RBAC '00 Proceedings of the fifth ACM workshop on Role-based access control
Protection in operating systems
Communications of the ACM
Composition patterns: an approach to designing reusable aspects
ICSE '01 Proceedings of the 23rd International Conference on Software Engineering
TRBAC: A temporal role-based access control model
ACM Transactions on Information and System Security (TISSEC)
Proposed NIST standard for role-based access control
ACM Transactions on Information and System Security (TISSEC)
Context sensitivity in role-based access control
ACM SIGOPS Operating Systems Review
UML-Based Representation of Role-Based Access Control
WETICE '00 Proceedings of the 9th IEEE International Workshops on Enabling Technologies: Infrastructure for Collaborative Enterprises
SecureUML: A UML-Based Modeling Language for Model-Driven Security
UML '02 Proceedings of the 5th International Conference on The Unified Modeling Language
UMLsec: Extending UML for Secure Systems Development
UML '02 Proceedings of the 5th International Conference on The Unified Modeling Language
Privacy Enforcement with an Extended Role-Based Access Control Model
Privacy Enforcement with an Extended Role-Based Access Control Model
A taxonomy of inheritance semantics
IWSSD '93 Proceedings of the 7th international workshop on Software specification and design
Using uml to visualize role-based access control constraints
Proceedings of the ninth ACM symposium on Access control models and technologies
Verifiable composition of access control and application features
Proceedings of the tenth ACM symposium on Access control models and technologies
FeaturePlugin: feature modeling plug-in for Eclipse
eclipse '04 Proceedings of the 2004 OOPSLA workshop on eclipse technology eXchange
Semantics of interactions in UML 2.0
HCC '03 Proceedings of the 2003 IEEE Symposium on Human Centric Computing Languages and Environments
Proceedings of the 5th international conference on Generative programming and component engineering
Feature Diagrams and Logics: There and Back Again
SPLC '07 Proceedings of the 11th International Software Product Line Conference
Product Line Implementation using Aspect-Oriented and Model-Driven Software Development
SPLC '07 Proceedings of the 11th International Software Product Line Conference
Reconciling Automation and Flexibility in Product Derivation
SPLC '08 Proceedings of the 2008 12th International Software Product Line Conference
Quality-driven architecture development using architectural tactics
Journal of Systems and Software
Mapping problem-space to solution-space features: a feature interaction approach
GPCE '09 Proceedings of the eighth international conference on Generative programming and component engineering
Safe composition of non-monotonic features
GPCE '09 Proceedings of the eighth international conference on Generative programming and component engineering
Weaving multiple aspects in sequence diagrams
Transactions on aspect-oriented software development III
SLE'09 Proceedings of the Second international conference on Software Language Engineering
A verifiable modeling approach to configurable role-based access control
FASE'10 Proceedings of the 13th international conference on Fundamental Approaches to Software Engineering
Mapping features to models: a template approach based on superimposed variants
GPCE'05 Proceedings of the 4th international conference on Generative Programming and Component Engineering
Feature models, grammars, and propositional formulas
SPLC'05 Proceedings of the 9th international conference on Software Product Lines
International Journal of Electronic Finance
Hi-index | 0.00 |
Abstract: Role-based access control (RBAC) is a popular access control model for enterprise systems due to its flexibility and scalability. There are many RBAC features available, each providing a different function. Not all features are needed for an RBAC system. Depending on the requirements, one should be able to configure features on a need basis, which reduces development complexity and thus fosters development. However, there have not been suitable methods that enable systematic configuration of RBAC features for system development. This paper presents an approach for configuring RBAC features using a combination of feature modeling and UML modeling. Feature modeling is used for capturing the structure of features and configuration rules, and UML modeling is used for defining the semantics of features. RBAC features are defined based on design principles of partial inheritance and compatibility, which facilitates feature composition and verification. We demonstrate the approach using a banking application and present tool support developed for the approach.