UML-Based Representation of Role-Based Access Control
نویسندگان
چکیده
In role-based access control (RBAC) permissions are associated with roles, and users are made members of appropriate roles thereby acquiring the roles' permissions. The principal motivation behind RBAC is to simplify administration. Several frameworks for the development of role-based systems have been introduced. There are, however, a few works specifying RBAC in a way which system developers or software engineers can easily understand and refer to develop role-based systems. The Uni ed Modeling Language (UML) is a general-purpose visual modeling language that is used to specify, visualize, and document the components of a software system. In this paper we represent the RBAC model with this well-known modeling language to reduce a gap between security model and system development. We also specify the RBAC model with three views: static view, functional view, and dynamic view. We also brie y discuss about the future directions.
منابع مشابه
UML Representation of Extended Role-Based Access Control Model with the Use of Usage Control Concept
This paper presents an extension of role-based access control model with the use of usage control concept together with its representation using the Unified Modeling Language (UML). The presented model is developed for role engineering in the security of information system. The presented implementation of URBAC (Usage Role-Based Access Control) model consists in creation of security profiles fo...
متن کاملSecure State UML: Modeling and Testing Security Concerns of Software Systems Using UML State Machines
In this research we present a technique by using which, extended UML models can be converted to standard UML models so that existing MBT techniques can be applied directly on these models. Existing Model Based Testing (MBT) Techniques cannot be directly applied to extended UML models due to the difference of modeling notation and new model elements. Verification of these models is also very imp...
متن کاملSecure State UML: Modeling and Testing Security Concerns of Software Systems Using UML State Machines S. Batool and S. Asghar Institute of Information Technology, University of Arid and Agriculture Rawalpindi, Pakistan
In this research we present a technique by using which, extended UML models can be converted to standard UML models so that existing MBT techniques can be applied directly on these models. Existing Model Based Testing (MBT) Techniques cannot be directly applied to extended UML models due to the difference of modeling notation and new model elements. Verification of these models is also very imp...
متن کاملReconstructing a formal security model
Role-based access control (RBAC) is a flexible approach to access control, which has generated great interest in the security community. The principal motivation behind RBAC is to simplify the complexity of administrative tasks. Several formal models of RBAC have been introduced. However, there are a few works specifying RBAC in a way which system developers or software engineers can easily und...
متن کاملEmploying UML and OCL for designing and analysing role-based access control
Stringent security requirements of organizations like banks or hospitals frequently adopt role-based access control (RBAC) principles to represent and simplify their internal permission management. While representing a fundamental advanced RBAC concept enabling precise restrictions on access rights, authorization constraints increase the complexity of the resulting security policies so that too...
متن کاملEmploying UML and OCL for Designing and Analyzing Role-Based Access Control
Stringent security requirements of organizations like banks or hospitals frequently adopt role-based access control (RBAC) principles to represent and simplify their internal permission management. While representing a fundamental advanced RBAC concept enabling precise restrictions on access rights, authorization constraints increase the complexity of the resulting security policies so that too...
متن کامل