RBAC/MAC Security Analysis and Design for UML

In software construction, analysis investigates the boundary of a system (scope and requirements), its usage and access, and from a security perspective, who needs access to what when. Given sufficient analysis, a logical initial solution can be designed to capture system functionality including security capabilities. To facilitate the iterative process of analysis and design, one popular technique is the unified modeling language, UML, a language for specifying, visualizing, constructing and documenting software artifacts. In UML, diagrams provide alternate perspectives on the design, including: use-case diagrams for the interaction of users with system components, class diagrams for the static classes and relationships among them, and sequence diagrams for the dynamic behavior of objects. However, the ability to analyze and design security requirements in UML is not directly supported. In this paper, we propose an approach that incorporates rolebased access control (RBAC) and mandatory access control (MAC) into UML use-case and class diagrams, providing support for the design of roles (associated with use-case actors), and clearances and classifications for relevant UML elements. In addition, we provide analysis across the UML diagrams, as actors, use cases and classes are defined, to support a degree of security assurance (with mutual exclusion), and to upgrade the usage of UML for secure RBAC/MAC software design. To demonstrate the feasibility and utility of our work, we briefly report on the progress of our RBAC/MAC enhancements into the Borland’s UML tool Together Control Center.