TY - GEN
T1 - Articulating and enforcing authorisation policies with UML and OCL
AU - Sohr, Karsten
AU - Ahn, Gail Joon
AU - Migge, Lars
PY - 2005/5/15
Y1 - 2005/5/15
N2 - Nowadays, more and more security-relevant data are stored on computer systems; security-critical business processes are mapped to their digital pendants. This situation applies to various critical infrastructures requiring that different security requirements must be fulfilled. It demands a way to design and express higher-level security policies for such critical organizations. In this paper we focus on authorisation policies to demonstrate how software engineering techniques can help validate authorisation constraints and enforce access control policies. Our approach leverages features and functionalities of the UML/OCL modeling methods as well as model driven approach to represent and specify authorisation model and constraints. Using our authorisation constraints editor, we articulate role-based authorisation policies. Also, we attempt to validate and enforce such constraints with the USE (UML Specification Environment) tool.
AB - Nowadays, more and more security-relevant data are stored on computer systems; security-critical business processes are mapped to their digital pendants. This situation applies to various critical infrastructures requiring that different security requirements must be fulfilled. It demands a way to design and express higher-level security policies for such critical organizations. In this paper we focus on authorisation policies to demonstrate how software engineering techniques can help validate authorisation constraints and enforce access control policies. Our approach leverages features and functionalities of the UML/OCL modeling methods as well as model driven approach to represent and specify authorisation model and constraints. Using our authorisation constraints editor, we articulate role-based authorisation policies. Also, we attempt to validate and enforce such constraints with the USE (UML Specification Environment) tool.
UR - http://www.scopus.com/inward/record.url?scp=85085846560&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=85085846560&partnerID=8YFLogxK
U2 - 10.1145/1083200.1083215
DO - 10.1145/1083200.1083215
M3 - Conference contribution
AN - SCOPUS:85085846560
T3 - SESS 2005 - Proceedings of the 2005 Workshop on Software Engineering for Secure Systems - Building Trustworthy Applications
BT - SESS 2005 - Proceedings of the 2005 Workshop on Software Engineering for Secure Systems - Building Trustworthy Applications
PB - Association for Computing Machinery, Inc
T2 - 2005 Workshop on Software Engineering for Secure Systems - Building Trustworthy Applications, SESS 2005
Y2 - 15 May 2005 through 16 May 2005
ER -