An Aspect-Oriented Approach to Relating Security Requirements and Access Control
نویسندگان
چکیده
Affecting multiple parts in software systems, security requirements often tangle with functional requirements. In order to separate crosscutting concerns and increase modularity, we propose to represent security requirements as aspects that can be woven into functional requirements. Using problem frames to model the functional requirements, weaving is achieved by composing the modules representing security aspects with the requirement models. Moreover, we provide guidance on how such security aspects are structured to implement a particular access control solution. As a result, such security aspects become reusable solution patterns to refine the structure of security-related problem.
منابع مشابه
An Aspect-oriented Approach to Relating Security Requirements and Access Control Conference Item an Aspect-oriented Approach to Relating Security Requirements and Access Control
Affecting multiple parts in software systems, security requirements often tangle with functional requirements. In order to separate crosscutting concerns and increase modularity, we propose to represent security requirements as aspects that can be woven into functional requirements. Using problem frames to model the functional requirements, weaving is achieved by composing the modules represent...
متن کاملEnhancing Mediation Security by Aspect-Oriented Approach
Research on mediation techniques to integrate data from heterogeneous data sources has made comprehensive progress. However, mediation poses extensive security problems. Protecting proprietary data from unauthorized access is recognized as one of the most significant barriers to the mediation systems. Neither traditional access control methods are adequate to model the flexible access control r...
متن کاملAn automatic test case generator for evaluating implementation of access control policies
One of the main requirements for providing software security is the enforcement of access control policies which aim to protect resources of the system against unauthorized accesses. Any error in the implementation of such policies may lead to undesirable outcomes. For testing the implementation of access control policies, it is preferred to use automated methods which are faster and more relia...
متن کاملAdaptive Access Control Enforcement in Social Network Using Aspect Weaving
Current social network systems support a large range of applications with very different security requirements. Even if available social network solutions provide some security functionalities, users do not control these functionalities and cannot customize them to handle their specific security needs. In this paper, we suggest a new approach to handle these issues. This approach is based on As...
متن کاملAn aspect-based approach to modeling access control concerns
Specifying, enforcing and evolving access control policies is essential to prevent security breaches and unavailability of resources. These access control design concerns impose requirements that allow only authorized users to access protected computer-based resources. Addressing these concerns in a design results in the spreading of access control functionality across several design modules. T...
متن کامل