Representation of Extended RBAC Model Using UML Language

Poniszewska-Marańda, Aneta; Gonçalves, Gilles; Hémery, Fred

doi:10.1007/978-3-540-30577-4_51

Cited by 16 publications

(13 citation statements)

References 3 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…The entire procedure is performed in two stages: defining the permissions assigned to a function and providing the definitions of functions assigned to a particular role. [8] In an organization roles provided for various job functions. Specific roles assigned to perform certain operations.…”

Section: Role-based Access Control Modelmentioning

confidence: 99%

Review on Database Access Control Mechanisms and Models

Yadav¹,

Shah²

2015

IJCA

View full text Add to dashboard Cite

The recent rapid explosion of web based applications and information system have further increased the risk exposure of databases and thus, data protection is today more crucial than ever. It is more important to protect data not only from external intruders but also internal intruders. In this paper, different access control mechanisms and its models discussed to achieving the confidentiality, integrity and availability goals of the database security in the organization. The models are useful in classification systems to prevent theft of information and effect of data at higher classification levels.

show abstract

Section: Role-based Access Control Modelmentioning

confidence: 99%

Review on Database Access Control Mechanisms and Models

Yadav¹,

Shah²

2015

IJCA

View full text Add to dashboard Cite

show abstract

“…The user can take different roles on different occasions. -Extended RBAC (eRBAC) model [8,9]-each role realizes a specific task in the enterprise process and it contains many functions that the user can take. For each role it is possible to choose the necessary system functions.…”

Section: Access Control In Heterogeneous Information Systemsmentioning

confidence: 99%

“…5). The presentation of connections between the UML and the extended RBAC concepts is described widely in [8]:…”

Section: Concepts Of Extended Rbac Model Associated With Uml Conceptsmentioning

confidence: 99%

Conception approach of access control in heterogeneous information systems using UML

Poniszewska-Marańda

2009

Telecommun Syst

Self Cite

View full text Add to dashboard Cite

The development of the information systems should answer more and more to the problems of federated data sources and the problems with the heterogeneous distributed information systems. The assurance of data access security realized in the cooperative information systems with loose connection among local data sources is hard to achieve mainly for two reasons: the local data sources are heterogeneous (i.e. data, models, access security models, semantics, etc.) and the local autonomy of systems does not allow to create a global integrated security schema.The paper proposes to use one common set of access control concepts to support the access control management in security of heterogeneous information systems. The UML (Unified Modeling Language) concepts can be used to define and implement the most popular access control models, such as DAC, MAC or RBAC. Next, the concepts derived from different models can be joined to use one common approach comprehensible for each administrator of each cooperative information system in the federation.

show abstract

“…Role-Based Access Control (RBAC) [15,16] or its extensions [17] require the identification of roles in a system. The role is viewed as a structure around which the access control policy is formulated.…”

Section: Role Concept and Usage Concept In Access Controlmentioning

confidence: 99%

“…This approach was based on two access control models: extended RBAC model [17] and UCON model [18,19].…”

Section: Approach Of Role Based Access Control With Concept Of Usage mentioning

confidence: 99%

Modeling and design of role engineering in development of access control for dynamic information systems

Poniszewska-Marańda¹

2013

Bulletin of the Polish Academy of Sciences: Technical Sciences

View full text Add to dashboard Cite

Abstract. Nowadays, the growth and complexity of functionalities of current information systems, especially dynamic, distributed and heterogeneous information systems, makes the design and creation of such systems a difficult task and at the same time, strategic for businesses. A very important stage of data protection in an information system is the creation of a high level model, independent of the software, satisfying the needs of system protection and security. The process of role engineering, i.e. the identification of roles and setting up in an organization is a complex task.The paper presents the modeling and design stages in the process of role engineering in the aspect of security schema development for information systems, in particular for dynamic, distributed information systems, based on the role concept and the usage concept. Such a schema is created first of all during the design phase of a system. Two actors should cooperate with each other in this creation process, the application developer and the security administrator, to determine the minimal set of user's roles in agreement with the security constraints that guarantee the global security coherence of the system.

show abstract

Representation of Extended RBAC Model Using UML Language

Cited by 16 publications

References 3 publications

Review on Database Access Control Mechanisms and Models

Review on Database Access Control Mechanisms and Models

Conception approach of access control in heterogeneous information systems using UML

Modeling and design of role engineering in development of access control for dynamic information systems

Contact Info

Product

Resources

About