Abstract
Security is a crucial aspect in any modern software system. We consider access control as a concern in the sense of Aspect Oriented Programming and present a design language for access control aspects in distributed systems, called View Policy Language. The specification of the View Policy Language for a given application is integrated into a model-driven software engineering approach to support the designer throughout the entire software process. We give a graph-based formal semantics to the design models in order to reason about model transformations. In particular, we can formally ensure the preservation of model constraints in the transformation process, and hence prove the reusability of security aspects in dynamic models for different platforms.
This is a preview of subscription content, log in via an institution.
Buying options
Tax calculation will be finalised at checkout
Purchases are for personal use only
Learn about institutional subscriptionsPreview
Unable to display preview. Download preview PDF.
References
Ahn, G.-J., Sandhu, R.: Role-Based Authorization Constraints Specification. ACM Transactions on Information and System Security 3(4), 207–226 (2000)
Apache. Axis, http://ws.apache.org/axis/
Brose, G.: Manageable Access Control for CORBA. Journal of Computer Security 4, 301–337 (2002)
Brose, G., Koch, M., Löhr, K.-P.: Integrating Access Control Design into the Software Development Process. In: Proc. of 6th International Conference on Integrated Design and Process Technology, IDPT (2002)
Brose, G.: Access Control Management in Distributed Object Systems. PhD thesis, Freie Universität Berlin (2001)
Brose, G.: Raccoon — An infrastructure for managing access control in CORBA. In: Proc. Int. Conference on Distributed Applications and Interoperable Systems (DAIS). Kluwer, Dordrecht (2001)
Ehrig, H., Heckel, R., Korff, M., Löwe, M., Ribeiro, L., Wagner, A., Corradini, A.: Handbook of Graph Grammars and Computing by Graph Transformations. Vol. I: Foundations, chapter Algebraic Approaches to Graph Transformation Part II: Single Pushout Approach and Comparison with Double Pushout Approach. In: Rozenberg [17] (1997)
Elrad, T., Filman, R., Bader, A.: Aspect-Oriented Programming. Communications of the ACM 44, 28–97 (2001)
Frankel, D.S.: Model Driven Architecture: Applying MDA to Enterprise Computing. John Wiley and Sons, Chichester (2003)
Jaeger, T., Tidswell, J.E.: Practical Safety in Flexible Access Control Models. ACM Transactions on Information and System Security 4(2), 158–190 (2001)
Koch, M., Mancini, L.V., Parisi-Presicce, F.: A Graph Based Formalism for RBAC. ACM Transactions on Information and System Security (TISSEC) 5(3), 332–365 (2002)
Koch, M., Mancini, L.V., Parisi-Presicce, F.: Conflict Detection and Resolution in Access Control Specifications. In: Nielsen, M., Engberg, U. (eds.) FOSSACS 2002. LNCS, vol. 2303, pp. 223–237. Springer, Heidelberg (2002)
Koch, M., Pauls, K.: Model-driven Development of Access Control Aspects. In: Proc. of Sicherheit 2005, 2. GI-Jahrestagung Fachbereich Sicherheit (2005)
Lieberherr, K.J.: Controlling the Complexity of Software Designs. In: Proc. of 26th International Conference in Software Engineering, pp. 2–11 (2004)
Lopes, C.: Aspect-Oriented Software Development, chapter AOP: A Historical Perspective. Addison Wesley, London (2004)
OMG. Common Object Request Broker Architecture: Core Specification V.3.0.2 (December 2002)
Rozenberg, G. (ed.): Handbook of Graph Grammars and Computing by Graph Transformation, Foundations, vol. 1. World Scientific, Singapore (1997)
Sandhu, R., Ferraiolo, D., Kuhn, R.: The NIST Model for Role-Based Access Control: Towards A Unified Standard. In: Proc. of the 5th ACM Workshop on Role-Based Access Control. ACM, New York (2000)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2005 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Koch, M., Pauls, K. (2005). An Access Control Language for Dynamic Systems – Model-Driven Development and Verification. In: Prinz, A., Reed, R., Reed, J. (eds) SDL 2005: Model Driven. SDL 2005. Lecture Notes in Computer Science, vol 3530. Springer, Berlin, Heidelberg. https://doi.org/10.1007/11506843_2
Download citation
DOI: https://doi.org/10.1007/11506843_2
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-26612-9
Online ISBN: 978-3-540-31539-1
eBook Packages: Computer ScienceComputer Science (R0)