SecureUML: A UML-Based Modeling Language for Model-Driven Security
We present a modeling language for the model-driven development of secure, distributed systems based on the Unified Modeling Language (UML). Our approach is based on role-based access control with additional support for specifying authorization constraints. We show how UML can be used to specify information related to access control in the overall design of an application and how this information can be used to automatically generate complete access control infrastructures. Our approach can be used to improve productivity during the development of secure distributed systems and the quality of the resulting systems.
Unable to display preview. Download preview PDF.
- BEA Systems, Inc. Programming WebLogic Enterprise JavaBeans, 2002. http://e-docs.bea.com/wls/docs6l/pdf/ejb.pdf.
- A. D. Brucker and B. Wolff. A Proposal for a Formal OCLS emantics in Isabelle/HOL. In C. Munoz, S. Tahar, and V Carreno, editors, TPHOLs 2002, LNCS. Springer-Verlag, 2002.Google Scholar
- P. Epstein and R. Sandhu. Towards a UML based approach to role engineering. In Proceedings of the fourth ACM workshop on Role-based access control, pages 135–143. ACM Press, 1999.Google Scholar
- Interactive Objects Software GmbH. ArcStylerExtensibility Guide, 2002. http://www.io-software.com/as-support/docu/extensibility-guide.pdf.
- T. Jaeger. On the increasing importance of constraints. In Proceedings of the fourth ACM workshop on Role-based access control, pages 33–42. ACM Press, 1999.Google Scholar
- Koch, A. Uhl, and D. Weise. Model Driven Architecture. Technical report, Interactive Objects Software GmbH, 2002. http://cgi. omg. org/ cgi-bin /doc?ormsc/ 02-01-04.pdf.
- Object Management Group. OMG Unified Modeling Language Specification, Version 1.4, 2001. http://www.omg.org/technology/documents/formal/uml.htm.
- R. S. Sandhu, E. J. Coyne, H. L. Feinstein, and C. E. Youman. Role-based access control models. IEEE Computer, 29(2):3–7, 1996.Google Scholar
- Sun Microsystems, Inc. Enterprise JavaBeans Specification, Version 2.0, 2001. http://java.sun.com/ejb/docs.html.