Model Driven Architecture for Modeling of Logical Security Based on RBAC Approach
نویسنده
چکیده
This paper presents an approach of role-based access control (RBAC) for information systems with the use of MDA (Model Driven Architecture). The main purpose is to join the concepts of MDA approach with the concepts of access control models, in particular with the concepts of access control based on roles and on usage concept. To reach this objectives the appropriate solution was created to model the extended RBAC model and URBAC model with the use of concepts and tools of software engineering, in particular MDA methodology and UML (Unified Modeling Language). The presented approach was developed for role engineering in the aspects of logical security of information systems.
منابع مشابه
Recovering Role-Based Access Control Security Models from Dynamic Web Applications
Security of dynamic web applications is a serious issue. While Model Driven Architecture (MDA) techniques can be used to generate applications with given access control security properties, analysis of existing web applications is more problematic. In this paper we present a model transformation technique to automatically construct a role-based access control (RBAC) security model of dynamic we...
متن کاملEnforcing RBAC Policies over Data Stored on Untrusted Server (Extended Version)
One of the security issues in data outsourcing is the enforcement of the data owner’s access control policies. This includes some challenges. The first challenge is preserving confidentiality of data and policies. One of the existing solutions is encrypting data before outsourcing which brings new challenges; namely, the number of keys required to access authorized resources, efficient policy u...
متن کاملTowards Modeling Role-Based Pageflow Definitions within Web Applications
Model-Driven Software Development (MDSD) can be used to enhance developing and maintaining web applications. Furthermore, security plays a crucial role in the area of web applications. A seamless integration of access control and modeling web applications becomes important. This work introduces model-driven integration of security concerns into the development life cycle of web applications. In...
متن کاملA Model-driven Role-based Access Control for SQL Databases
Nowadays security has become an important aspect in information systems engineering. A mainstream method for information system security is Role-based Access Control (RBAC), which restricts system access to authorised users. While the benefits of RBAC are widely acknowledged, the implementation and administration of RBAC policies remains a human intensive activity, typically postponed until the...
متن کاملAutomatic Generation of a Multi Agent System for Crisis Management by a Model Driven Approach
Considering the increasing occurrences of unexpected events and the need for pre-crisis planning in order to reduce risks and losses, modeling instant response environments is needed more than ever. Modeling may lead to more careful planning for crisis-response operations, such as team formation, task assignment, and doing the task by teams. A common challenge in this way is that the model shou...
متن کامل