An aspect-based approach to modeling access control concerns
نویسندگان
چکیده
Specifying, enforcing and evolving access control policies is essential to prevent security breaches and unavailability of resources. These access control design concerns impose requirements that allow only authorized users to access protected computer-based resources. Addressing these concerns in a design results in the spreading of access control functionality across several design modules. The pervasive nature of access control functionality makes it difficult to evolve, analyze, and enforce access control policies. To tackle this problem, we propose using an aspect-oriented modeling(AOM) approach for addressing access control concerns. In the AOM approach, functionality that addresses a pervasive access control concern is localized in an aspect. Other functional design concerns are addressed in a model of the application referred to as a primary model. Composing access control aspects with a primary model results in an application model that addresses access control concerns. We illustrate our approach using a form of Role-Based Access Control. q 2003 Elsevier B.V. All rights reserved.
منابع مشابه
Specifying and Composing Concerns Expressed in Domain-Specific Modeling Languages
Separation of concerns and levels of abstraction are key software engineering principles that can help master the increasing complexity of software applications. Aspect-oriented modeling (AOM) and domain-specific modeling languages (DSML) are two important and promising approaches in this context. However, little research is done to investigate the synergy between AOM and DSMLs. In this paper w...
متن کاملRole Slices: A Notation for RBAC Permission Assignment and Enforcement
During the past decade, there has been an explosion in the complexity of software applications, with an increasing emphasis on software design via model-driven architectures, patterns, and models such as the unified modeling language (UML). Despite this, the integration of security concerns throughout the product life cycle has lagged, resulting in software infrastructures that are untrustworth...
متن کاملAspect-Oriented Modeling of Access Control in Web Applications
Access control is only inadequately supported by the common design methods for Web applications. We propose an aspect-oriented technique for solving this problem. Our approach is an extension of UML-based Web Engineering. UML state machines are used to specify the access control rules of navigation nodes. Aspectoriented modeling helps modularize the design.
متن کاملA framework of composable access control features: Preserving separation of access control concerns from models to code
Modeling of security policies, along with their realization in code, must be an integral part of the software development process, to achieve an acceptable level of security for a software application. Among all of the security concerns (e.g. authentication, auditing, access control, confidentiality, etc.), this paper addresses the incorporation of access control into software. The approach is ...
متن کاملAspect-Oriented Modeling of Web Applications with HiLA
Modern web applications often contain features, such as landmarks, access control, or adaptation, that are difficult to model modularly with existing Model-Driven Web Engineering approaches. We show how HILA, an aspectoriented extensions for UML state machines, can represent these kinds of features as aspects. The resulting models achieve separation of concerns and satisfy the “Don’t Repeat You...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
برای دانلود متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید
ثبت ناماگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید
ورودعنوان ژورنال:
- Information & Software Technology
دوره 46 شماره
صفحات -
تاریخ انتشار 2004