Model driven architecture for modeling of logical security based on RBAC approach

• Autorzy: Poniszewska-Marańda A.
• Języki publikacji: EN

Abstrakty

EN

This paper presents an approach of role-based access control (RBAC) for information systems with the use of MDA (Model Driven Architecture). The main purpose is to join the concepts of MDA approach with the concepts of access control models, in particular with the concepts of access control based on roles and on usage concept. To reach this objectives the appropriate solution was created to model the extended RBAC model and URBAC model with the use of concepts and tools of software engineering, in particular MDA methodology and UML (Unified Modeling Language). The presented approach was developed for role engineering in the aspects of logical security of information systems.

Słowa kluczowe

EN

access control; role based access control; usage control; modeling of access control; model driven architecture

PL

kontrola dostępu oparta na rolach; kontrola użycia; Model Driven Architecture; architektura sterowana modelem

• Wydawca: Wydawnictwo Politechniki Łódzkiej
• Czasopismo: Journal of Applied Computer Science
• Rocznik: 2014
• Tom: Vol. 22, nr 1
• Strony: 183--199
• Opis fizyczny: Bibliogr. 19 poz.

Twórcy

autor

Poniszewska-Marańda A.

• Institute of Information Technology, Lodz University of Technology, Lodz, Wolczanska 215

Bibliografia

• [1] Booch, G., Rumbaugh, J., and Jacobson, I., The Unified Modeling Language User Guide, Addison-Wesley, 2004.
• [2] Group, T. O. M., OMG Unified Modeling Language (OMG UML): Superstructure, http://www.omg.org/technology/documents/formal/uml.htm, 2009.
• [3] Castaro, S., Fugini, M., Martella, G., and Samarati, P., Database Security, Addison-Wesley, 1994.
• [4] Dows, D., Rub, J., Kung, K., and Jordan, C., Issues in discretionary access control, In: Proc. of IEEE Symposium on Research in Security and Privacy, 1985.
• [5] Sandhu, R. S. and Samarati, P., Access Control: Principles and Practice, IEEE Communication, Vol. 32, No. 9, 1994, pp. 40–48.
• [6] Bertino, E., Bettini, C., and Samarati, P., A Temporal Access Control Mechanism for Database Systems, IEEE Transitions on Knowledge and Data Engineering, , No. 8(1), 1996.
• [7] Bertino, E., Bonatti, P., and Ferrari, E., A Temporal Role-based Access Control Model, ACM Transaction on Information and System Security, , No. 4(3), 2001, pp. 191–233.
• [8] Gal, A. and Atluri, V., An Authorization Model for Temporal Data, ACM Transaction on Information and System Security, , No. 5(1), 2002.
• [9] James, B., Joshi, E., Bertino, U., Latif, A., and Ghafoo, A., A Generalized Temporal Role-Based Access Control Model, IEEE Transitions on Knowledge and Data Engineering, , No. 17(1), 2005, pp. 4–23.
• [10] Park, J. and Sandhu, R., The UCON ABC Usage Control Model, ACM Transactions on Information and System Security, , No. 7, 2004.
• [11] Park, J., Zhang, X., and Sandhu, R., Attribute Mutability in Usage Control, In: 18th IFIP WG 11.3 Working Conference on Data and Applications Security, 2004.
• [12] Sandhu, R. S., Coyne, E. J., Feinstein, H. L., and Youman, C. E., Role-Based Access Control Models, IEEE Computer, Vol. 29, No. 2, 1996, pp. 38–47.
• [13] Ferraiolo, D., Sandhu, R. S., Gavrila, S., Kuhn, D. R., and Chandramouli, R., Proposed NIST Role-Based Access Control, ACM, Transactions on Information and Systems Security (TISSEC), Vol. 4, No. 3, 2001.
• [14] Poniszewska-Maranda, A., Goncalves, G., and Hemery, F., Representation of extended RBAC model using UML language, In: SOFSEM 2005, LNCS 3381, Publisher: Springer-Verlag Heidelberg, 2005.
• [15] Goncalves, G. and Poniszewska-Maranda, A., Role engineering: from design to evaluation of security schemas, Journal of Systems and Software, Elsevier, Vol. 81, No. 8, 2008, pp. 1306–1326.
• [16] Poniszewska-Maranda, A., Modeling and design of role engineering in development of access control for dynamic information systems, Bulletin of the Polish Academy of Sciences, Technical Science, Vol. 61, No. 3, 2013.
• [17] Jin, X., Applying Model Driven Architecture approach to Model Role Based Access Control System, Ph.D. thesis, Canada, 2006.
• [18] Krause, L., eXtensible Access Control Markup Language (XACML) what is it and why is it important? http://codingbliss.com/?p=161.
• [19] Niemiec, J., Morawiec, M., Ber, J., Drozy´nski, D., and Wcislo, M., MDA (Model Driven Architecture) for modeling of access control of information system based on eRBAC model, Tech. rep., Supervisor: A. PoniszewskaMarańda, Institute of Information Technology, Lodz University of Technology, 2012.