Handbook of graph grammars and computing by graph transformation: volume I. foundations
Handbook of graph grammars and computing by graph transformation: volume I. foundations
Handbook of graph grammars and computing by graph transformation
The NIST model for role-based access control: towards a unified standard
RBAC '00 Proceedings of the fifth ACM workshop on Role-based access control
Role-based authorization constraints specification
ACM Transactions on Information and System Security (TISSEC)
Aspect-oriented programming: Introduction
Communications of the ACM
Practical safety in flexible access control models
ACM Transactions on Information and System Security (TISSEC)
A graph-based formalism for RBAC
ACM Transactions on Information and System Security (TISSEC)
Model Driven Architecture: Applying MDA to Enterprise Computing
Model Driven Architecture: Applying MDA to Enterprise Computing
Conflict Detection and Resolution in Access Control Policy Specifications
FoSSaCS '02 Proceedings of the 5th International Conference on Foundations of Software Science and Computation Structures
Raccoon - An Infrastructure For Managing Access Control in CORBA
Proceedings of the IFIP TC6 / WG6.1 Third International Working Conference on New Developments in Distributed Applications and Interoperable Systems
Manageable access control for CORBA
Journal of Computer Security - Special issue on ESORICS 2000
Controlling the Complexity of Software Designs
Proceedings of the 26th International Conference on Software Engineering
Hi-index | 0.00 |
Security is a crucial aspect in any modern software system. We consider access control as a concern in the sense of Aspect Oriented Programming and present a design language for access control aspects in distributed systems, called View Policy Language. The specification of the View Policy Language for a given application is integrated into a model-driven software engineering approach to support the designer throughout the entire software process. We give a graph-based formal semantics to the design models in order to reason about model transformations. In particular, we can formally ensure the preservation of model constraints in the transformation process, and hence prove the reusability of security aspects in dynamic models for different platforms.