Extending OCL for Secure Database Development

Fernández‐Medina, Eduardo; Piattini, Mario

doi:10.1007/978-3-540-30187-5_27

Cited by 22 publications

(18 citation statements)

References 15 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…We have already commented on our earlier works [12,18] in the introduction of this paper, in particular, we now support the RDM2000 model for delegation and revocation. Other works which discuss role-based policy languages based on UML include [28,37,38,39,40,13]. Some of the approaches do not particularly address RBAC like UMLsec [37].…”

Section: Related Workmentioning

confidence: 99%

Comprehensive two-level analysis of role-based delegation and revocation policies with UML and OCL

Sohr

Kuhlmann

Gogolla

et al. 2012

Information and Software Technology

View full text Add to dashboard Cite

Context. Role-based access control (RBAC) has become the de facto standard for access management in various large-scale organizations. Often rolebased policies must implement organizational rules to satisfy compliance or authorization requirements, e.g., the principle of separation of duty (SoD). To provide business continuity, organizations should also support the delegation of access rights and roles, respectively. This, however, makes access control more complex and error-prone, in particular, when delegation concepts interplay with SoD rules.Objective. A systematic way to specify and validate access control policies consisting of organizational rules such as SoD as well as delegation and revocation rules shall be developed. A domain-specific language for RBAC as well as delegation concepts shall be made available.Method. In this paper, we present an approach to the precise specification and validation of role-based policies based on UML and OCL. We significantly extend our earlier work, which proposed a UML-based domain-specific language for RBAC, by supporting delegation and revocation concepts.Result. We show the appropriateness of our approach by applying it to a banking application. In particular, we give three scenarios for validating the interplay between SoD rules and delegation/revocation. Preprint submitted to Information and Software TechnologyApril 19, 2012 Conclusion. To the best of our knowledge, this is the first attempt to formalize advanced RBAC concepts, such as history-based SoD as well as various delegation and revocation schemes, with UML and OCL. With the rich tool support of UML, we believe our work can be employed to validate and implement real-world role-based policies.

show abstract

Section: Related Workmentioning

confidence: 99%

Comprehensive two-level analysis of role-based delegation and revocation policies with UML and OCL

Sohr

Kuhlmann

Gogolla

et al. 2012

Information and Software Technology

View full text Add to dashboard Cite

show abstract

“…This secure data PIM is represented through an extended UML class diagram, so as to be able to represent security aspects together with a set of security constraints that have been expressed through OSCL language [8], as we will see in the next section.…”

Section: Secure Xml Db Development Processmentioning

confidence: 99%

“…To develop a secure data PIM, a secure UML profile has been developed (for more details, see [8]). The defined UML profile allows us to classify both data and users according to different classification criteria.…”

Section: Secure Data Pimmentioning

confidence: 99%

“…The coexistence of these rules frequently provokes conflicts, that we solve by applying a set of conflict resolution rules defined in [8,9,10].…”

Section: Secure Data Pimmentioning

confidence: 99%

“…MIDAS proposes the use of standards in the development process, as well as the use of UML in modelling the WIS, irrespective of the abstraction level and the aspect of the system to be modelled. As UML does not allow us to represent all the necessary models, MIDAS incorporates some existing UML extensions and defines or adapts some new ones, whenever necessary [8,17].…”

Section: Introductionmentioning

confidence: 99%

See 2 more Smart Citations

Model driven development of secure XML databases

et al. 2006

Self Cite

View full text Add to dashboard Cite

In this paper, we propose a methodological approach for the model driven development of secure XML databases (DB). This proposal is within the framework of MIDAS, a model driven methodology for the development of Web Information Systems based on the Model Driven Architecture (MDA) proposed by the Object Management Group (OMG) [20]. The XML DB development process in MIDAS proposes using the data conceptual model as a Platform Independent Model (PIM) and the XML Schema model as a Platform Specific Model (PSM), with both of these represented in UML. In this work, such models will be modified, so as to be able to add security aspects if the stored information is considered as critical. On the one hand, the use of a UML extension to incorporate security aspects at the conceptual level of secure DB development (PIM) is proposed; on the other, the previously-defined XML schema profile will be modified, the purpose being to incorporate security aspects at the logical level of the secure XML DB development (PSM). In addition to all this, the semi-automatic mappings from PIM to PSM for secure XML DB will be defined.

show abstract

Secure Database Development

Jürjens¹,

Fernández²

2009

Encyclopedia of Database Systems

View full text Add to dashboard Cite

Extending OCL for Secure Database Development

Cited by 22 publications

References 15 publications

Comprehensive two-level analysis of role-based delegation and revocation policies with UML and OCL

Comprehensive two-level analysis of role-based delegation and revocation policies with UML and OCL

Model driven development of secure XML databases

Secure Database Development

Contact Info

Product

Resources

About