Role-Based Access Control Models
Computer
Proposed NIST standard for role-based access control
ACM Transactions on Information and System Security (TISSEC)
UMLsec: Extending UML for Secure Systems Development
UML '02 Proceedings of the 5th International Conference on The Unified Modeling Language
Model driven security: From UML models to access control infrastructures
ACM Transactions on Software Engineering and Methodology (TOSEM)
Protection of complex distributed systems
Proceedings of the 2008 workshop on Middleware security
Computer
Security-driven model-based dynamic adaptation
Proceedings of the IEEE/ACM international conference on Automated software engineering
OpenPMF SCaaS: Authorization as a Service for Cloud & SOA Applications
CLOUDCOM '10 Proceedings of the 2010 IEEE Second International Conference on Cloud Computing Technology and Science
Refactoring access control policies for performance improvement
ICPE '12 Proceedings of the 3rd ACM/SPEC International Conference on Performance Engineering
A dynamic component model for cyber physical systems
Proceedings of the 15th ACM SIGSOFT symposium on Component Based Software Engineering
Hi-index | 0.00 |
Pervasive systems typically involve heterogeneous users, devices and networks to provide services seamlessly interacting with the physical world. In order to be flexible, these systems must be both dynamically adaptive to handle and still open to the ability of receiving new elements. Characteristics of these systems can have a major impact on the enforcement of role-based access control policies. Enforcement mechanism for RBAC policies need to be tailored to distributed and adaptive software architectures. It must be capable of handling architectural changes (e.g., a resource hosted by a node is moved to another node) in order to maintain the enforced policy. In this paper we describe an approach of policy enforcement that leverages on a mapping between RBAC and a component-based architecture to reason on architectural changes and maintain the enforced policy. Models@runtime paradigm provides elementary bricks to reason on adaptive architecture. Relying on it and on runtime adaptation and monitoring mechanisms we propose a design for a model-driven RBAC enforcement mechanism.