Modeling permissions in a (U/X)ML world

Authors:
Muhammad Alam;Ruth Breu;Michael Hafner
Affiliations:
Universitat Innsbruck, Austria;Universitat Innsbruck, Austria;Universitat Innsbruck, Austria
Venue:
ARES '06 Proceedings of the First International Conference on Availability, Reliability and Security
Year:
2006

Citing 0
Cited 12

Towards the security and privacy analysis of patient portals

ACM SIGBED Review - Special issues on the NSF team for research in ubiquitous secure technology (TRUST) project reports
A technical architecture for enforcing usage control requirements in service-oriented architectures

Proceedings of the 2007 ACM workshop on Secure web services
Constraint based role based access control in the SECTET-framework: A model-driven approach

Journal of Computer Security - Privacy, Security and Trust (PST) Technologies: Evolution and Challenges
Modeling and Enforcing Advanced Access Control Policies in Healthcare Systems with Sectet

Models in Software Engineering
A constraint based role based access control in the SECTET a model-driven approach

Proceedings of the 2006 International Conference on Privacy, Security and Trust: Bridge the Gap Between PST Technologies and Business Services
Constraint based role based access control (CRBAC) for restricted administrative delegation constraints in the SECTET

Proceedings of the 2006 International Conference on Privacy, Security and Trust: Bridge the Gap Between PST Technologies and Business Services
A security policy framework for context-aware and user preferences in e-services

Journal of Systems Architecture: the EUROMICRO Journal
A transformation approach for security enhanced business processes

SE '08 Proceedings of the IASTED International Conference on Software Engineering
Model driven security engineering for the realization of dynamic security requirements in collaborative systems

MoDELS'06 Proceedings of the 2006 international conference on Models in software engineering
Deriving XACML policies from business process models

WISE'07 Proceedings of the 2007 international conference on Web information systems engineering
Towards a MOF/QVT-Based domain architecture for model driven security

MoDELS'06 Proceedings of the 9th international conference on Model Driven Engineering Languages and Systems
A framework for modeling restricted delegation in service oriented architecture

TrustBus'06 Proceedings of the Third international conference on Trust, Privacy, and Security in Digital Business

Quantified Score

Hi-index	0.00

Visualization

Abstract

In this paper we present a novel approach for the specification of access rights in a Service Oriented Architecture. Being part of the SECTET framework for model driven security for B2B-workflows, our specification language SECTET-PL for permissions is influenced by the OCL specification language and is interpreted in the context of UML models. Concerning the technological side, SECTETPL specifications are translated into platform independent XACML permissions interpreted by a security gateway.