Skip to main content

Advertisement

SpringerLink
Log in
Menu
Find a journal Publish with us
Search
Cart
Book cover

International Conference on Availability, Reliability, and Security

CD-ARES 2012: Multidisciplinary Research and Practice for Information Systems pp 131–145Cite as

  1. Home
  2. Multidisciplinary Research and Practice for Information Systems
  3. Conference paper
UML Representation of Extended Role-Based Access Control Model with the Use of Usage Control Concept

UML Representation of Extended Role-Based Access Control Model with the Use of Usage Control Concept

  • Aneta Poniszewska-Maranda21 
  • Conference paper
  • 2318 Accesses

  • 1 Citations

Part of the Lecture Notes in Computer Science book series (LNISA,volume 7465)

Abstract

This paper presents an extension of role-based access control model with the use of usage control concept together with its representation using the Unified Modeling Language (UML). The presented model is developed for role engineering in the security of information system. The presented implementation of URBAC (Usage Role-Based Access Control) model consists in creation of security profiles for the users of information system.

Keywords

  • Access Control
  • Sequence Diagram
  • Access Control Policy
  • Access Control Model
  • Case Diagram

These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.

Download conference paper PDF

References

  1. Sandhu, R.S., Coyne, E.J., Feinstein, H.L., Youman, C.E.: Role-Based Access Control Models. IEEE Computer 29(2), 38–47 (1996)

    CrossRef  Google Scholar 

  2. Ferraiolo, D., Sandhu, R.S., Gavrila, S., Kuhn, D.R., Chandramouli, R.: Proposed NIST Role-Based Access control. ACM TISSEC (2001)

    Google Scholar 

  3. Booch, G., Rumbaugh, J., Jacobson, I.: The Unified Modeling Language User Guide. Addison-Wesley (2004)

    Google Scholar 

  4. OMG Unified Modeling Language (OMG UML): Superstructure, Version 2.2, The Object Management Group (February 2009), http://www.omg.org/technology/documents/formal/uml.htm

  5. Ahn, G.-J., Sandhu, R.S.: Role-based Authorization Constraints Specification. ACM Transactions on Information and Systems Security (2000)

    Google Scholar 

  6. Park, J., Zhang, X., Sandhu, R.: Attribute Mutability in Usage Control. In: 18th IFIP WG 11.3 Working Conference on Data and Applications Security (2004)

    Google Scholar 

  7. Lazouski, A., Martinelli, F., Mori, P.: Usage control in computer security: A survey. Computer Science Review 4(2), 81–99 (2010)

    CrossRef  Google Scholar 

  8. Pretschner, A., Hilty, M., Basin, D.: Distributed usage control. Communications of the ACM 49(9) (September 2006)

    Google Scholar 

  9. Zhang, X., Parisi-Presicce, F., Sandhu, R., Park, J.: Formal Model and Policy Specification of Usage Control. ACM TISSEC 8(4), 351–387 (2005)

    CrossRef  Google Scholar 

  10. Poniszewska-Maranda, A., Goncalves, G., Hemery, F.: Representation of Extended RBAC Model Using UML Language. In: Vojtáš, P., Bieliková, M., Charron-Bost, B., Sýkora, O. (eds.) SOFSEM 2005. LNCS, vol. 3381, pp. 413–417. Springer, Heidelberg (2005)

    CrossRef  Google Scholar 

  11. Poniszewska-Marańda, A.: Access Control Coherence of Information Systems Based on Security Constraints. In: Górski, J. (ed.) SAFECOMP 2006. LNCS, vol. 4166, pp. 412–425. Springer, Heidelberg (2006)

    CrossRef  Google Scholar 

  12. Goncalves, G., Poniszewska-Maranda, A.: Role engineering: from design to evaluation of security schemas. Journal of Systems and Software 81(8), 1306–1326 (2008)

    CrossRef  Google Scholar 

  13. Poniszewska-Maranda, A.: Conception Approach of Access Control in Heterogeneous Information Systems using UML. Journal of Telecommunication Systems 45(2-3), 177–190 (2010)

    CrossRef  Google Scholar 

  14. Strembeck, M., Neumann, G.: An Integrated Approach to Engineer and Enforce Context Constraints in RBAC Environments. ACM Trans. Information and System Security 7(3), 392–427 (2004)

    CrossRef  Google Scholar 

  15. Castaro, S., Fugini, M., Martella, G., Samarati, P.: Database Security. Addison-Wesley (1994)

    Google Scholar 

  16. Bertino, E., Ferrari, E., Atluri, V.: The Specification and Enforcement of Authorization Constraints in Workflow Management Systems. ACM Transactions on Information and System Security (TISSEC) 2(1) (February 1999)

    Google Scholar 

  17. Dows, D., Rub, J., Kung, K., Jordan, C.: Issues in discretionary access control. In: Proc. of IEEE Symposium on Research in Security and Privacy, pp. 208–218 (1985)

    Google Scholar 

  18. Bertino, E., Bettini, C., Samarati, P.: Temporal Access Control Mechanism for Database Systems. IEEE Trans. on Knowledge and Data Engineering (8) (1996)

    Google Scholar 

  19. Bertino, E., Bonatti, P., Ferrari, E.: A Temporal Role-based Access Control Model. ACM Trans. on Information and System Security 4(3), 191–233 (2001)

    CrossRef  Google Scholar 

  20. Gal, A., Atluri, V.: An Authorization Model for Temporal Data. ACM Transaction on Information and System Security 5(1) (2002)

    Google Scholar 

  21. James, B., Joshi, E., Bertino, U., Latif, A., Ghafoo, A.: A Generalized Temporal Role-Based Access Control Model. IEEE Transitions on Knowledge and Data Engineerin 17(1), 4–23 (2005)

    CrossRef  Google Scholar 

  22. Poniszewska-Maranda, A.: Implementation of Access Control Model for Distributed Information Systems Using Usage Control. In: Bouvry, P., Kłopotek, M.A., Leprévost, F., Marciniak, M., Mykowiecka, A., Rybiński, H. (eds.) SIIS 2011. LNCS, vol. 7053, pp. 54–67. Springer, Heidelberg (2012)

    CrossRef  Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Institute of Information Technology, Technical University of Lodz, Poland

    Aneta Poniszewska-Maranda

Authors
  1. Aneta Poniszewska-Maranda
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. Department of IT, Engineering and Environment, University of South Australia, Mawson Lakes Campus, 5001, Adelaide, SA, Australia

    Gerald Quirchmayr

  2. Department of Information Technologies, University of Economics, W. Churchill Sq. 4, 130 67, Prague 3, Czech Republic

    Josef Basl

  3. School of Information Science, Korean Bible University, 16 Danghyun 2-gil, Nowon-gu, 139-791, Seoul, Korea

    Ilsun You

  4. Information Technology and Decision Sciences, Old Dominion University, 2076 Constant Hall, 23529, Norfolk, VA, USA

    Lida Xu

  5. Institute of Software Technology and Interactive Systems, Vienna University of Technology and SBA Research, Favoritenstrsse 9-11, 1040, Vienna, Austria

    Edgar Weippl

Rights and permissions

Reprints and Permissions

Copyright information

© 2012 IFIP International Federation for Information Processing

About this paper

Cite this paper

Poniszewska-Maranda, A. (2012). UML Representation of Extended Role-Based Access Control Model with the Use of Usage Control Concept. In: Quirchmayr, G., Basl, J., You, I., Xu, L., Weippl, E. (eds) Multidisciplinary Research and Practice for Information Systems. CD-ARES 2012. Lecture Notes in Computer Science, vol 7465. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-32498-7_11

Download citation

  • .RIS
  • .ENW
  • .BIB
  • DOI: https://doi.org/10.1007/978-3-642-32498-7_11

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-642-32497-0

  • Online ISBN: 978-3-642-32498-7

  • eBook Packages: Computer ScienceComputer Science (R0)

Share this paper

Anyone you share the following link with will be able to read this content:

Sorry, a shareable link is not currently available for this article.

Provided by the Springer Nature SharedIt content-sharing initiative

Search

Navigation

  • Find a journal
  • Publish with us

Discover content

  • Journals A-Z
  • Books A-Z

Publish with us

  • Publish your research
  • Open access publishing

Products and services

  • Our products
  • Librarians
  • Societies
  • Partners and advertisers

Our imprints

  • Springer
  • Nature Portfolio
  • BMC
  • Palgrave Macmillan
  • Apress
  • Your US state privacy rights
  • Accessibility statement
  • Terms and conditions
  • Privacy policy
  • Help and support

167.114.118.210

Not affiliated

Springer Nature

© 2023 Springer Nature