Advertisement

Automatic Generation of Security Compliant (Virtual) Model Views

  • Salvador Martínez
  • Alexis Fouche
  • Sébastien Gérard
  • Jordi Cabot
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 11157)

Abstract

The increased adoption of model-driven engineering in collaborative development scenarios raises new security concerns such as confidentiality and integrity. In a collaborative setting, the model, or fragments of it, should only be accessed and manipulated by authorized parties. Otherwise, important knowledge could be unintentionally leaked or shared artifacts corrupted. In this paper we explore the introduction of access-control mechanisms for models. Our approach relies on the definition of a domain specific language tailored to the definition of access-control rules on models and on its enforcement thanks to the automatic generation of security compliant (virtual) views.

References

  1. 1.
    Ben Fadhel, A., Bianculli, D., Briand, L.: GemRBAC-DSL: a high-level specification language for role-based access control policies. In: SACMAT 2016, pp. 179–190. ACM (2016)Google Scholar
  2. 2.
    Bruneliere, H., Perez, J.G., Wimmer, M., Cabot, J.: EMF views: a view mechanism for integrating heterogeneous models. In: Johannesson, P., Lee, M.L., Liddle, S.W., Opdahl, A.L., López, Ó.P. (eds.) ER 2015. LNCS, vol. 9381, pp. 317–325. Springer, Cham (2015).  https://doi.org/10.1007/978-3-319-25264-3_23CrossRefGoogle Scholar
  3. 3.
    Debreceni, C., Bergmann, G., Ráth, I., Varró, D.: Enforcing fine-grained access control for secure collaborative modelling using bidirectional transformations. SOSYM, 1–33 (2017)Google Scholar
  4. 4.
    Ferraiolo, D., Cugini, J., Kuhn, D.R.: Role-based access control (RBAC): features and motivations. In: ACSAC, pp. 241–48 (1995)Google Scholar
  5. 5.
    Foster, J.N., Greenwald, M.B., Moore, J.T., Pierce, B.C., Schmitt, A.: Combinators for bidirectional tree transformations: a linguistic approach to the view-update problem. ACM TOPLAS 29(3), 17 (2007)CrossRefGoogle Scholar
  6. 6.
    Gérard, S., et al.: Papyrus UML, August 2012. http://www.papyrusuml.org
  7. 7.
    Jürjens, J.: UMLsec: extending UML for secure systems development. In: Jézéquel, J.-M., Hussmann, H., Cook, S. (eds.) \(<<\)UML\(>>\) 2002. LNCS, vol. 2460, pp. 412–425. Springer, Heidelberg (2002).  https://doi.org/10.1007/3-540-45800-X_32CrossRefzbMATHGoogle Scholar
  8. 8.
    Lodderstedt, T., Basin, D., Doser, J.: SecureUML: a UML-based modeling language for model-driven security. In: Jézéquel, J.-M., Hussmann, H., Cook, S. (eds.) \(<<\)UML\(>>\) 2002. LNCS, vol. 2460, pp. 426–441. Springer, Heidelberg (2002).  https://doi.org/10.1007/3-540-45800-X_33CrossRefzbMATHGoogle Scholar
  9. 9.
    Martínez, S., García, J., Cabot, J.: Runtime support for rule-based access-control evaluation through model-transformation. In: SLE 2016, pp. 57–69. ACM (2016)Google Scholar
  10. 10.
    Rissanen, E., et al.: eXtensible access control markup language (XACML) 3.0 (2013)Google Scholar
  11. 11.
    OMG, UML 2.0 OCL specification. OMG Adopted Specification (ptc/03-10-14) (2003)Google Scholar
  12. 12.
    Yuan, E., Tong, J.: Attributed based access control (ABAC) for web services. In: ICWS 2005. IEEE (2005)Google Scholar

Copyright information

© Springer Nature Switzerland AG 2018

Authors and Affiliations

  • Salvador Martínez
    • 1
  • Alexis Fouche
    • 1
  • Sébastien Gérard
    • 1
  • Jordi Cabot
    • 2
  1. 1.CEA-LISTParis-SaclayFrance
  2. 2.ICREA-UOCBarcelonaSpain

Personalised recommendations