Articulating and enforcing authorisation policies with UML and OCL

Karsten Sohr, Gail-Joon Ahn, Lars Migge

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

10 Citations (Scopus)

Abstract

Nowadays, more and more security-relevant data are stored on computer systems; security-critical business processes are mapped to their digital pendants. This situation applies to various critical infrastructures requiring that different security requirements must be fulfilled. It demands a way to design and express higher-level security policies for such critical organizations. In this paper we focus on authorisation policies to demonstrate how software engineering techniques can help validate authorisation constraints and enforce access control policies. Our approach leverages features and functionalities of the UML/OCL modeling methods as well as model driven approach to represent and specify authorisation model and constraints. Using our authorisation constraints editor, we articulate role-based authorisation policies. Also, we attempt to validate and enforce such constraints with the USE (UML Specification Environment) tool.

Original language: English (US)
Title of host publication: SESS 2005 - Proceedings of the 2005 Workshop on Software Engineering for Secure Systems - Building Trustworthy Applications
Publisher: Association for Computing Machinery, Inc
ISBN (Electronic): 1595931147, 9781595931146
State: Published - May 15 2005
Externally published: Yes
Event: 2005 Workshop on Software Engineering for Secure Systems - Building Trustworthy Applications, SESS 2005 - St. Louis, United States
Duration: May 15 2005 to May 16 2005

Other

Other: 2005 Workshop on Software Engineering for Secure Systems - Building Trustworthy Applications, SESS 2005
Country: United States
City: St. Louis
Period: 5/15/05 to 5/16/05

Fingerprint

Critical infrastructures
Access control
Software engineering
Computer systems
Specifications
Industry

ASJC Scopus subject areas

  • Mechanical Engineering
  • Software
  • Automotive Engineering

Cite this

Sohr, K., Ahn, G-J., & Migge, L. (2005). Articulating and enforcing authorisation policies with UML and OCL. In SESS 2005 - Proceedings of the 2005 Workshop on Software Engineering for Secure Systems - Building Trustworthy Applications. Association for Computing Machinery, Inc.

@inproceedings{401915437e404b259e622afb26465d76,
title = "Articulating and enforcing authorisation policies with UML and OCL",
abstract = "Nowadays, more and more security-relevant data are stored on computer systems; security-critical business processes are mapped to their digital pendants. This situation applies to various critical infrastructures requiring that different security requirements must be fulfilled. It demands a way to design and express higher-level security policies for such critical organizations. In this paper we focus on authorisation policies to demonstrate how software engineering techniques can help validate authorisation constraints and enforce access control policies. Our approach leverages features and functionalities of the UML/OCL modeling methods as well as model driven approach to represent and specify authorisation model and constraints. Using our authorisation constraints editor, we articulate role-based authorisation policies. Also, we attempt to validate and enforce such constraints with the USE (UML Specification Environment) tool.",
author = "Karsten Sohr and Gail-Joon Ahn and Lars Migge",
year = "2005",
month = "5",
day = "15",
language = "English (US)",
booktitle = "SESS 2005 - Proceedings of the 2005 Workshop on Software Engineering for Secure Systems - Building Trustworthy Applications",
publisher = "Association for Computing Machinery, Inc",

}

TY - GEN

T1 - Articulating and enforcing authorisation policies with UML and OCL

AU - Sohr, Karsten

AU - Ahn, Gail-Joon

AU - Migge, Lars

PY - 2005/5/15

Y1 - 2005/5/15

AB - Nowadays, more and more security-relevant data are stored on computer systems; security-critical business processes are mapped to their digital pendants. This situation applies to various critical infrastructures requiring that different security requirements must be fulfilled. It demands a way to design and express higher-level security policies for such critical organizations. In this paper we focus on authorisation policies to demonstrate how software engineering techniques can help validate authorisation constraints and enforce access control policies. Our approach leverages features and functionalities of the UML/OCL modeling methods as well as model driven approach to represent and specify authorisation model and constraints. Using our authorisation constraints editor, we articulate role-based authorisation policies. Also, we attempt to validate and enforce such constraints with the USE (UML Specification Environment) tool.

UR - http://www.scopus.com/inward/record.url?scp=84880143821&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=84880143821&partnerID=8YFLogxK

M3 - Conference contribution

AN - SCOPUS:84880143821

BT - SESS 2005 - Proceedings of the 2005 Workshop on Software Engineering for Secure Systems - Building Trustworthy Applications

PB - Association for Computing Machinery, Inc

ER -