A feature-based approach for modeling role-based access control systems

Authors:
Sangsig Kim;Dae-Kyoo Kim;Lunjin Lu;Suntae Kim;Sooyong Park
Affiliations:
Department of Computer Science and Engineering, Oakland University, Rochester, MI 48309, USA;Department of Computer Science and Engineering, Oakland University, Rochester, MI 48309, USA;Department of Computer Science and Engineering, Oakland University, Rochester, MI 48309, USA;Department of Computer Engineering, Kangwon National University, Gangwon, South Korea;Department of Computer Science and Engineering, Sogang University, Seoul, South Korea
Venue:
Journal of Systems and Software
Year:
2011

Citing 29
Cited 1

Design patterns: elements of reusable object-oriented software

Design patterns: elements of reusable object-oriented software
An approach for exploring code improving transformations

ACM Transactions on Programming Languages and Systems (TOPLAS)
Application of XML tools for enterprise-wide RBAC implementation tasks

RBAC '00 Proceedings of the fifth ACM workshop on Role-based access control
Protection in operating systems

Communications of the ACM
Composition patterns: an approach to designing reusable aspects

ICSE '01 Proceedings of the 23rd International Conference on Software Engineering
TRBAC: A temporal role-based access control model

ACM Transactions on Information and System Security (TISSEC)
Proposed NIST standard for role-based access control

ACM Transactions on Information and System Security (TISSEC)
Context sensitivity in role-based access control

ACM SIGOPS Operating Systems Review
UML-Based Representation of Role-Based Access Control

WETICE '00 Proceedings of the 9th IEEE International Workshops on Enabling Technologies: Infrastructure for Collaborative Enterprises
SecureUML: A UML-Based Modeling Language for Model-Driven Security

UML '02 Proceedings of the 5th International Conference on The Unified Modeling Language
UMLsec: Extending UML for Secure Systems Development

UML '02 Proceedings of the 5th International Conference on The Unified Modeling Language
Privacy Enforcement with an Extended Role-Based Access Control Model

Privacy Enforcement with an Extended Role-Based Access Control Model
A taxonomy of inheritance semantics

IWSSD '93 Proceedings of the 7th international workshop on Software specification and design
Using uml to visualize role-based access control constraints

Proceedings of the ninth ACM symposium on Access control models and technologies
Verifiable composition of access control and application features

Proceedings of the tenth ACM symposium on Access control models and technologies
FeaturePlugin: feature modeling plug-in for Eclipse

eclipse '04 Proceedings of the 2004 OOPSLA workshop on eclipse technology eXchange
Semantics of interactions in UML 2.0

HCC '03 Proceedings of the 2003 IEEE Symposium on Human Centric Computing Languages and Environments
Refactoring product lines

Proceedings of the 5th international conference on Generative programming and component engineering
Feature Diagrams and Logics: There and Back Again

SPLC '07 Proceedings of the 11th International Software Product Line Conference
Product Line Implementation using Aspect-Oriented and Model-Driven Software Development

SPLC '07 Proceedings of the 11th International Software Product Line Conference
Reconciling Automation and Flexibility in Product Derivation

SPLC '08 Proceedings of the 2008 12th International Software Product Line Conference
Quality-driven architecture development using architectural tactics

Journal of Systems and Software
Mapping problem-space to solution-space features: a feature interaction approach

GPCE '09 Proceedings of the eighth international conference on Generative programming and component engineering
Safe composition of non-monotonic features

GPCE '09 Proceedings of the eighth international conference on Generative programming and component engineering
Weaving multiple aspects in sequence diagrams

Transactions on aspect-oriented software development III
Composing feature models

SLE'09 Proceedings of the Second international conference on Software Language Engineering
A verifiable modeling approach to configurable role-based access control

FASE'10 Proceedings of the 13th international conference on Fundamental Approaches to Software Engineering
Mapping features to models: a template approach based on superimposed variants

GPCE'05 Proceedings of the 4th international conference on Generative Programming and Component Engineering
Feature models, grammars, and propositional formulas

SPLC'05 Proceedings of the 9th international conference on Software Product Lines

Role-facing modelling and analysis of workflow based on supply and demand network with multi-function and opening characteristics

International Journal of Electronic Finance

Quantified Score

Hi-index	0.00

Visualization

Abstract

Abstract: Role-based access control (RBAC) is a popular access control model for enterprise systems due to its flexibility and scalability. There are many RBAC features available, each providing a different function. Not all features are needed for an RBAC system. Depending on the requirements, one should be able to configure features on a need basis, which reduces development complexity and thus fosters development. However, there have not been suitable methods that enable systematic configuration of RBAC features for system development. This paper presents an approach for configuring RBAC features using a combination of feature modeling and UML modeling. Feature modeling is used for capturing the structure of features and configuration rules, and UML modeling is used for defining the semantics of features. RBAC features are defined based on design principles of partial inheritance and compatibility, which facilitates feature composition and verification. We demonstrate the approach using a banking application and present tool support developed for the approach.