An access control language for dynamic systems – model-driven development and verification

Authors:
Manuel Koch;Karl Pauls
Affiliations:
Freie Universität Berlin, Berlin, Germany;Freie Universität Berlin, Berlin, Germany
Venue:
SDL'05 Proceedings of the 12th international conference on Model Driven
Year:
2005

Citing 12
Cited 0

Handbook of graph grammars and computing by graph transformation: volume I. foundations

Handbook of graph grammars and computing by graph transformation: volume I. foundations
Algebraic approaches to graph transformation. Part II: single pushout approach and comparison with double pushout approach

Handbook of graph grammars and computing by graph transformation
The NIST model for role-based access control: towards a unified standard

RBAC '00 Proceedings of the fifth ACM workshop on Role-based access control
Role-based authorization constraints specification

ACM Transactions on Information and System Security (TISSEC)
Aspect-oriented programming: Introduction

Communications of the ACM
Practical safety in flexible access control models

ACM Transactions on Information and System Security (TISSEC)
A graph-based formalism for RBAC

ACM Transactions on Information and System Security (TISSEC)
Model Driven Architecture: Applying MDA to Enterprise Computing

Model Driven Architecture: Applying MDA to Enterprise Computing
Conflict Detection and Resolution in Access Control Policy Specifications

FoSSaCS '02 Proceedings of the 5th International Conference on Foundations of Software Science and Computation Structures
Raccoon - An Infrastructure For Managing Access Control in CORBA

Proceedings of the IFIP TC6 / WG6.1 Third International Working Conference on New Developments in Distributed Applications and Interoperable Systems
Manageable access control for CORBA

Journal of Computer Security - Special issue on ESORICS 2000
Controlling the Complexity of Software Designs

Proceedings of the 26th International Conference on Software Engineering

Quantified Score

Hi-index	0.00

Visualization

Abstract

Security is a crucial aspect in any modern software system. We consider access control as a concern in the sense of Aspect Oriented Programming and present a design language for access control aspects in distributed systems, called View Policy Language. The specification of the View Policy Language for a given application is integrated into a model-driven software engineering approach to support the designer throughout the entire software process. We give a graph-based formal semantics to the design models in order to reason about model transformations. In particular, we can formally ensure the preservation of model constraints in the transformation process, and hence prove the reusability of security aspects in dynamic models for different platforms.