Security assurance is a property that ensures that the application code behaves consistently with the access control policy specified at the design level. Security assurance proofs are valid as long as software engineers do not modify the generated code. This assumption does not hold in Round-Trip Engineering, since programmers may modify the generated code and the models are automatically re-generated. This paper proposes a round-trip engineering approach for access control that preserves security assurance both when generating code from models and vice versa. The approach is to extend programming languages' typing mechanisms with additional rules that ensure consistency between models and code, even when code is arbitrarily modified by programmers. This paper presents a formal description of the solution and an initial sketch of the required proofs of correctness. Ongoing work is the development of a prototype to automate most of the process and its validation in a case study.