Information flow property preserving transformation of UML interaction diagrams
Proceedings of the eleventh ACM symposium on Access control models and technologies
Editorial: Model-Driven Development for secure information systems
Information and Software Technology
A Component Assembly Approach Based On Aspect-Oriented Generative Domain Modeling
Electronic Notes in Theoretical Computer Science (ENTCS)
Portable secure identity management for software engineering
Proceedings of the 32nd ACM/IEEE International Conference on Software Engineering - Volume 2
Enforcing trust in embedded systems using models
Proceedings of the International Workshop on Security and Dependability for Resource Constrained Embedded Systems
A decade of model-driven security
Proceedings of the 16th ACM symposium on Access control models and technologies
Development and runtime support for situation-aware security in autonomic computing
ATC'06 Proceedings of the Third international conference on Autonomic and Trusted Computing
Hi-index | 0.00 |
The research vision of the Unified Component MetaModel Framework (UniFrame) is to develop aninfrastructure for components that enables a plug andplay component environment where the securitycontracts are a part of the component description andthe security aware middleware is generated by thecomponent integration toolkits. That is, the componentsproviders will define security contracts in addition tothe functional contracts. These security contracts willbe used to analyze the ability of a service to meet thesecurity constraints when used in a composition ofcomponents. A difficulty in progressing the securityrelated aspects of this infrastructure is the lack of aunified access control model that can be leveraged toidentify protected resources and access control points atthe model level. Existing component technologies utilizevarious mechanisms for specifying security constraints.This paper will explore issues related to expressingaccess control requirements of components and theresources they manage. It proposes a platformindependent model (PIM) for the access control that canbe leveraged to parameterize domain models. It alsooutlines the analysis necessary to progress a standardtransformation from this PIM to three existing PlatformSpecific Models (PSMs).