Abstract
The development of information systems must increasingly address the problems of federated data sources and of heterogeneous distributed information systems. Assuring data access security in cooperative information systems with loose connections among local data sources is hard to achieve, mainly for two reasons: the local data sources are heterogeneous (i.e. data, models, access security models, semantics, etc.), and the local autonomy of the systems does not allow the creation of a global integrated security schema.
The paper proposes using one common set of access control concepts to support access control management in the security of heterogeneous information systems. UML (Unified Modeling Language) concepts can be used to define and implement the most popular access control models, such as DAC, MAC or RBAC. The concepts derived from the different models can then be joined into one common approach comprehensible to each administrator of each cooperative information system in the federation.
Cite this article
Poniszewska-Maranda, A. Conception approach of access control in heterogeneous information systems using UML. Telecommun Syst 45, 177–190 (2010). https://doi.org/10.1007/s11235-009-9243-0
DOI: https://doi.org/10.1007/s11235-009-9243-0