Feasibility study of software reengineering towards role-based access control

Authors:
Han Li;Hongji Yang;Feng Chen;He Guo;Yuansheng Yang
Affiliations:
School of Computer Science and Technology, Dalian University of Technology, 116023 Dalian, China.;Faculty of Technology (FoT), De Montfort University, Leicester, LE1 9BH, UK.;Faculty of Technology (FoT), De Montfort University, Leicester, LE1 9BH, UK.;School of Software, Dalian University of Technology, Development Area, 116620 Dalian, China.;School of Computer Science and Technology, Dalian University of Technology, 116023 Dalian, China
Venue:
International Journal of Computer Applications in Technology
Year:
2011

Citing 17
Cited 2

Information-flow and data-flow analysis of while-programs

ACM Transactions on Programming Languages and Systems (TOPLAS)
Role-Based Access Control Models

Computer
ALCHEMIST: a general purpose transformation generator

Software—Practice & Experience
Configuring role-based access control to enforce mandatory and discretionary access control policies

ACM Transactions on Information and System Security (TISSEC)
Language Prototyping: An Algebraic Specification Approach: Vol. V

Language Prototyping: An Algebraic Specification Approach: Vol. V
Successful Evolution of Software Systems

Successful Evolution of Software Systems
Measuring Abstractness for Reverse Engineering in a Re-engineering Tool

ICSM '97 Proceedings of the International Conference on Software Maintenance
Using Program Transformation to Secure C Programs Against Buffer Overflows

WCRE '03 Proceedings of the 10th Working Conference on Reverse Engineering
Pigs from sausages? Reengineering from assembler to C via FermaT transformations

Science of Computer Programming - Special issue on program transformation
Role Based Reengineering of Web Applications

WSE '05 Proceedings of the Seventh IEEE International Symposium on Web Site Evolution
Reengineering the process in the design of object-orientation using concepts of industrial engineering

International Journal of Computer Applications in Technology
Validated model transformation-driven software development

International Journal of Computer Applications in Technology
A consolidated methodology for business process reengineering

International Journal of Computer Applications in Technology
Stratego/XT 0.17. A language and toolset for program transformation

Science of Computer Programming
A security oriented program transformation to "add on" policies to prevent injection attacks

Proceedings of the 2nd Workshop on Refactoring Tools
Authentication and access control in RFID based logistics-customs clearance service platform

International Journal of Automation and Computing
Reverse engineering and reusing COBOL programs: a program transformation approach

IW-FM'97 Proceedings of the 1st Irish conference on Formal Methods

An improved decision-making rule of Dempster-Shafer theory application on fault diagnosis system

International Journal of Computer Applications in Technology
A new compression algorithm of data provenance based on self-adaptive granularity

International Journal of Computer Applications in Technology

Quantified Score

Hi-index	0.00

Visualization

Abstract

Role-Based Access Control (RBAC) is accepted as the most commonly used access control policy; however, it is mainly used during the development of new software systems. In this paper, an approach to reengineering RBAC into legacy systems by applying program transformation is proposed. Wide Spectrum Language (WSL) and MetaWSL are extended. Transformation rules, algorithm and operations for further authorisation management are defined to support access control reorganisation. A case study is demonstrated on a prototype tool FermaT-based Access Control Reorganisation (F-ACR). The result shows that it is a feasible and promising approach to enforcing RBAC in legacy systems.