Abstract
Interactive systems are often developed without taking security concerns into account. We investigated combining HCI models with access control specifications to overcome this problem. The motivation for a combined approach is to narrow the gap between different modeling perspectives and to provide a coherent mapping of modeling concepts. The general goal is the systematic introduction of, and tool support for, security concerns in the model-based development of interactive systems. In this paper we report results of our work, which currently concentrates on the early design steps. The focus of this presentation is on the specification of task and role hierarchies, conflicting privileges and related tool support.
Copyright information
© 2010 IFIP International Federation for Information Processing
About this paper
Cite this paper
Bomsdorf, B. (2010). RTME: Extension of Role-Task Modeling for the Purpose of Access Control Specification. In: Bernhaupt, R., Forbrig, P., Gulliksen, J., Lárusdóttir, M. (eds) Human-Centred Software Engineering. HCSE 2010. Lecture Notes in Computer Science, vol 6409. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-16488-0_12
DOI: https://doi.org/10.1007/978-3-642-16488-0_12
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-16487-3
Online ISBN: 978-3-642-16488-0
eBook Packages: Computer Science (R0)