Design patterns: elements of reusable object-oriented software
Design patterns: elements of reusable object-oriented software
Application of XML tools for enterprise-wide RBAC implementation tasks
RBAC '00 Proceedings of the fifth ACM workshop on Role-based access control
Protection in operating systems
Communications of the ACM
Composition patterns: an approach to designing reusable aspects
ICSE '01 Proceedings of the 23rd International Conference on Software Engineering
TRBAC: A temporal role-based access control model
ACM Transactions on Information and System Security (TISSEC)
Proposed NIST standard for role-based access control
ACM Transactions on Information and System Security (TISSEC)
UML-Based Representation of Role-Based Access Control
WETICE '00 Proceedings of the 9th IEEE International Workshops on Enabling Technologies: Infrastructure for Collaborative Enterprises
SecureUML: A UML-Based Modeling Language for Model-Driven Security
UML '02 Proceedings of the 5th International Conference on The Unified Modeling Language
UMLsec: Extending UML for Secure Systems Development
UML '02 Proceedings of the 5th International Conference on The Unified Modeling Language
The Object Constraint Language: Getting Your Models Ready for MDA
The Object Constraint Language: Getting Your Models Ready for MDA
A taxonomy of inheritance semantics
IWSSD '93 Proceedings of the 7th international workshop on Software specification and design
Verifiable composition of access control and application features
Proceedings of the tenth ACM symposium on Access control models and technologies
Semantics of interactions in UML 2.0
HCC '03 Proceedings of the 2003 IEEE Symposium on Human Centric Computing Languages and Environments
Role-Based Access Control, Second Edition
Role-Based Access Control, Second Edition
A feature-based approach for modeling role-based access control systems
Journal of Systems and Software
Hi-index | 0.00 |
Role-based access control (RBAC) is a popular access control model for enterprise systems due to its economic benefit and scalability. There are many RBAC features available, each providing a different feature. Not all features are needed for an RBAC system. Depending on the requirements, one should be able to configure RBAC by selecting only those features that are needed for the requirements. However, there have not been suitable methods that enable RBAC configuration at the feature level. This paper proposes an approach for systematic RBAC configuration using a combination of feature modeling and UML modeling. The approach describes feature modeling and design principles for specifying and verifying RBAC features and a composition method for building configured RBAC. We demonstrate the approach by building an RBAC configuration for a bank application.