ACM Portal
  Subscribe (Full Service)    Register (Limited Service, Free)    Login
  Search:   The ACM Digital Library   The Guide
  
ACM Home Page
Please provide us with feedback. Feedback
Verifiable composition of access control and application features
Full text PdfPdf (200 KB)
Source Symposium on Access Control Models and Technologies archive
Proceedings of the tenth ACM symposium on Access control models and technologies table of contents
Stockholm, Sweden
SESSION: Applications table of contents
Pages: 120 - 129  
Year of Publication: 2005
ISBN:1-59593-045-0
Authors
Eunjee Song  Colorado State University, Fort Collins, CO
Raghu Reddy  Colorado State University, Fort Collins, CO
Robert France  Colorado State University, Fort Collins, CO
Indrakshi Ray  Colorado State University, Fort Collins, CO
Geri Georg  Colorado State University, Fort Collins, CO
Roger Alexander  Colorado State University, Fort Collins, CO
Sponsors
ACM: Association for Computing Machinery
SIGSAC: ACM Special Interest Group on Security, Audit, and Control
Publisher
ACM  New York, NY, USA
Bibliometrics
Downloads (6 Weeks): 4,   Downloads (12 Months): 44,   Citation Count: 5
Additional Information:

abstract   references   cited by   index terms   collaborative colleagues  

Tools and Actions: Request Permissions Request Permissions    Review this Article  
DOI Bookmark: Use this link to bookmark this Article: http://doi.acm.org/10.1145/1063979.1064001
What is a DOI?

ABSTRACT

Access control features are often spread across and tangled with other functionality in a design. This makes modifying and replacing these features in a design difficult. Aspect-oriented modeling (AOM) techniques can be used to support separation of access control concerns from other application design concerns. Using an AOM approach, access control features are described by aspect models and other application features are described by a primary model. Composition of aspect and primary models yields a design model in which access control features are integrated with other application features. In this paper, we present, through an example, an AOM approach that supports verifiable composition of behaviors described in access control aspect models and primary models. Given an aspect model, a primary model, and a specified property, the composition technique produces proof obligations as the behavioral descriptions in the aspect and primary models are composed. One has to discharge the proof obligations to establish that the composed model has the specified property.


REFERENCES

Note: OCR errors may be found in this Reference List extracted from the full text article. ACM has opted to expose the complete List rather than only correct and linked references.

1
Gail-Joon Ahn , Ravi Sandhu, The RSL99 language for role-based separation of duty constraints, Proceedings of the fourth ACM workshop on Role-based access control, p.43-54, October 28-29, 1999, Fairfax, Virginia, United States  [doi>10.1145/319171.319176]
 
2
Gail-Joon Ahn , Michael E. Shin, Role-Based Authorization Constraints Specification Using Object Constraint Language, Proceedings of the 10th IEEE International Workshops on Enabling Technologies: Infrastructure for Collaborative Enterprises, p.157-162, June 20-22, 2001
 
3
M. T. Chan and L. F. Kwok. Integrating security design into the software development process for e-commerce systems. Information Management and Computer Security, 9(2-3):112--122, 2001.
 
4
Siobhán Clarke, Extending standard UML with model composition semantics, Science of Computer Programming, v.44 n.1, p.71-100, July 2002  [doi>10.1016/S0167-6423(02)00030-8]
5
David F. Ferraiolo , Ravi Sandhu , Serban Gavrila , D. Richard Kuhn , Ramaswamy Chandramouli, Proposed NIST standard for role-based access control, ACM Transactions on Information and System Security (TISSEC), v.4 n.3, p.224-274, August 2001  [doi>10.1145/501978.501980]
 
6
R. B. France, I. Ray, G. Georg, and S. Ghosh. An aspect-oriented approach to design modeling. IEE Proceedings - Software, Special Issue on Early Aspects: Aspect-Oriented Requirements Engineering and Architecture Design, 151(4), August 2004.
 
7
G. Georg, R. France, and I. Ray. An Aspect-Based Approach to Modeling Security Concerns. In Proceedings of the Workshop on Critical Systems Development with UML, Dresden, Germany, 2002.
 
8
Geri Georg , Indrakshi Ray , Robert France, Using Aspects to Design a Secure System, Proceedings of the Eighth International Conference on Engineering of Complex Computer Systems, p.117, December 02-04, 2002
 
9
G. Georg, R. Reddy, and R. France. Specifying cross-cutting requirements concerns. In Proceedings of the International Conference on the UML, October 2004. Springer, 2004.
 
10
Jan Jürjens, Towards Development of Secure Systems Using UMLsec, Proceedings of the 4th International Conference on Fundamental Approaches to Software Engineering, p.187-200, April 02-06, 2001
11
Gregor Kiczales , Erik Hilsdale , Jim Hugunin , Mik Kersten , Jeffrey Palm , William Griswold, Getting started with ASPECTJ, Communications of the ACM, v.44 n.10, p.59-65, Oct. 2001  [doi>10.1145/383845.383858]
 
12
D.-K. Kim, I. Ray, R. France, and N. li. Modeling role-based access control using parameterized UML models. In Proceedings of the 7th Conference on Fundamental Approaches to Software Engineering (FASE 2004), 2004.
13
Manuel Koch , Luigi V. Mancini , Francesco Parisi-Presicce, A graph-based formalism for RBAC, ACM Transactions on Information and System Security (TISSEC), v.5 n.3, p.332-365, August 2002  [doi>10.1145/545186.545191]
 
14
Torsten Lodderstedt , David A. Basin , Jürgen Doser, SecureUML: A UML-Based Modeling Language for Model-Driven Security, Proceedings of the 5th International Conference on The Unified Modeling Language, p.426-441, September 30-October 04, 2002
15
Matunda Nyanchama , Sylvia Osborn, The role graph model and conflict of interest, ACM Transactions on Information and System Security (TISSEC), v.2 n.1, p.3-33, Feb. 1999  [doi>10.1145/300830.300832]
16
Sylvia Osborn , Yuxia Guo, Modeling users in role-based access control, Proceedings of the fifth ACM workshop on Role-based access control, p.31-37, July 26-28, 2000, Berlin, Germany  [doi>10.1145/344287.344299]
17
Harold Ossher , Peri Tarr, Using multidimensional separation of concerns to (re)shape evolving software, Communications of the ACM, v.44 n.10, p.43-50, Oct. 2001  [doi>10.1145/383845.383856]
 
18
I. Ray, R. France, N. Li, and G. Georg. An aspect-based approach to modeling access control concerns. Information and Software Technology, 40(9):557--633, 2004.
19
Indrakshi Ray , Na Li , Robert France , Dae-Kyoo Kim, Using uml to visualize role-based access control constraints, Proceedings of the ninth ACM symposium on Access control models and technologies, June 02-04, 2004, Yorktown Heights, New York, USA  [doi>10.1145/990036.990054]
 
20
G. Straw, G. Georg, E. Song, S. Ghosh, R. France, and J. Bieman. Model composition directives. In Proceedings of the International Conference on the UML, October 2004. Springer, 2004.
 
21
The Object Management Group (OMG). Unified Modeling Language: Superstructure. Version 2.0, Final Adopted Specification, OMG, http://www.omg.org, August 2003.
22
Jonathon E. Tidswell , Trent Jaeger, An access control model for simplifying constraint expression, Proceedings of the 7th ACM conference on Computer and communications security, p.154-163, November 01-04, 2000, Athens, Greece  [doi>10.1145/352600.352622]
 
23
Jos Warmer , Anneke Kleppe, The Object Constraint Language: Getting Your Models Ready for MDA, Addison-Wesley Longman Publishing Co., Inc., Boston, MA, 2003

CITED BY  5
Vina Ermagan , Ingolf H. Krüger , Massimiliano Menarini, Aspect-oriented modeling approach to define routing in enterprise service bus architectures, Proceedings of the 2008 international workshop on Models in software engineering, May 10-11, 2008, Leipzig, Germany
Jon Whittle , Duminda Wijesekera , Mark Hartong, Executable misuse cases for modeling security concerns, Proceedings of the 30th international conference on Software engineering, May 10-18, 2008, Leipzig, Germany
Anderson Santana de Oliveira , Eric Ke Wang , Claude Kirchner , Helene Kirchner, Weaving rewrite-based access control policies, Proceedings of the 2007 ACM workshop on Formal methods in security engineering, p.71-80, November 02-02, 2007, Fairfax, Virginia, USA
Eunjee Song , Hanil Kim , Wuliang Sun, A property-based verification approach in aspect-oriented modeling, Proceedings of the 2009 ACM symposium on Applied Computing, March 08-12, 2009, Honolulu, Hawaii
Yuqing Sun , Bin Gong , Xiangxu Meng , Zongkai Lin , Elisa Bertino, Specification and enforcement of flexible security policy for active cooperation, Information Sciences: an International Journal, v.179 n.15, p.2629-2642, July, 2009

INDEX TERMS

Primary Classification:
  D. Software
  D.2 SOFTWARE ENGINEERING
      D.2.1 Requirements/Specifications
          Subjects: Languages

Additional Classification:
  D. Software
  D.2 SOFTWARE ENGINEERING
      D.2.1 Requirements/Specifications
          Subjects: Methodologies (e.g., object-oriented, structured)
      D.2.4 Software/Program Verification
          Subjects: Validation

  K. Computing Milieux
  K.6 MANAGEMENT OF COMPUTING AND INFORMATION SYSTEMS


General Terms:
Design, Languages, Security, Verification


Keywords:
RBAC, UML, modeling, verification

Collaborative Colleagues:
Eunjee Song: colleagues
Raghu Reddy: colleagues
Robert France: colleagues
Indrakshi Ray: colleagues
Geri Georg: colleagues
Roger Alexander: colleagues

The ACM Portal is published by the Association for Computing Machinery. Copyright © 2009 ACM, Inc.
Terms of Usage   Privacy Policy   Code of Ethics   Contact Us

Useful downloads: Adobe Acrobat    QuickTime    Windows Media Player    Real Player