An approach to precisely specifying the problem domain of design patterns
Journal of Visual Languages and Computing
Executable misuse cases for modeling security concerns
Proceedings of the 30th international conference on Software engineering
Describing access control models as design patterns using roles
Proceedings of the 2006 conference on Pattern languages of programs
Pattern-Based Transformation Rules for Developing Interaction Models of Access Control Systems
ICSR '08 Proceedings of the 10th international conference on Software Reuse: High Confidence Software Reuse in Large Systems
Hi-index | 0.00 |
This paper describes a pattern-based technique for systematic development of UML models of secure systems using access control. Access control is viewed and specified as a design pattern. An access control pattern is applied to a functionalUML model of an application to be secured using a composition algorithm. We demonstrate the technique using Mandatory Access Control (MAC) and a model of a simple file system. We also discuss how the composed model can be evaluated for security assurance expected from the applied access control.