Sciweavers

FASE
2004
Springer

Modeling Role-Based Access Control Using Parameterized UML Models

14 years 6 months ago
Modeling Role-Based Access Control Using Parameterized UML Models
Abstract. Organizations use Role-Based Access Control (RBAC) to protect computer-based resources from unauthorized access. There has been considerable work on formally specifying RBAC policies but there is still a need for RBAC policy specification techniques that can be integrated into software design methods. This paper describes a method for incorporating specifications of RBAC policies into UML design models. Reusable RBAC policies are specified as patterns and are expressed using UML template diagrams. Incorporating RBAC policies into an application specific model involves instantiating the patterns and composing the instantiations with the model. The method also includes a technique for specifying patterns of RBAC violations. Developers can use the patterns to identify policy violations in their models. The method is illustrated using a small banking application.
Dae-Kyoo Kim, Indrakshi Ray, Robert B. France, Na
Added 01 Jul 2010
Updated 01 Jul 2010
Type Conference
Year 2004
Where FASE
Authors Dae-Kyoo Kim, Indrakshi Ray, Robert B. France, Na Li
Comments (0)