Comprehensive two-level analysis of role-based delegation and revocation policies with UML and OCL

Karsten Sohr, Mirco Kuhlmann, Martin Gogolla, Hongxin Hu, Gail-Joon Ahn

Research output: Contribution to journal › Article

13 Citations (Scopus)

Abstract

Context: Role-based access control (RBAC) has become the de facto standard for access management in various large-scale organizations. Often role-based policies must implement organizational rules to satisfy compliance or authorization requirements, e.g., the principle of separation of duty (SoD). To provide business continuity, organizations should also support the delegation of access rights and roles, respectively. This, however, makes access control more complex and error-prone, in particular, when delegation concepts interplay with SoD rules.

Objective: A systematic way to specify and validate access control policies consisting of organizational rules such as SoD as well as delegation and revocation rules shall be developed. A domain-specific language for RBAC as well as delegation concepts shall be made available.

Method: In this paper, we present an approach to the precise specification and validation of role-based policies based on UML and OCL. We significantly extend our earlier work, which proposed a UML-based domain-specific language for RBAC, by supporting delegation and revocation concepts.

Result: We show the appropriateness of our approach by applying it to a banking application. In particular, we give three scenarios for validating the interplay between SoD rules and delegation/revocation.

Conclusion: To the best of our knowledge, this is the first attempt to formalize advanced RBAC concepts, such as history-based SoD as well as various delegation and revocation schemes, with UML and OCL. With the rich tool support of UML, we believe our work can be employed to validate and implement real-world role-based policies.

Original language: English (US)
Pages (from-to): 1396-1417
Number of pages: 22
Journal: Information and Software Technology
Volume: 54
Issue number: 12
DOI: 10.1016/j.infsof.2012.06.008
State: Published - Dec 2012

Fingerprint

Access control
Specifications
Industry

Keywords

  • Delegation
  • OCL
  • RBAC
  • Revocation
  • UML

ASJC Scopus subject areas

  • Software
  • Information Systems
  • Computer Science Applications

Cite this

Comprehensive two-level analysis of role-based delegation and revocation policies with UML and OCL. / Sohr, Karsten; Kuhlmann, Mirco; Gogolla, Martin; Hu, Hongxin; Ahn, Gail-Joon.

In: Information and Software Technology, Vol. 54, No. 12, 12.2012, p. 1396-1417.

@article{a792a651428442048845585ae89491c0,
title = "Comprehensive two-level analysis of role-based delegation and revocation policies with UML and OCL",
keywords = "Delegation, OCL, RBAC, Revocation, UML",
author = "Karsten Sohr and Mirco Kuhlmann and Martin Gogolla and Hongxin Hu and Gail-Joon Ahn",
year = "2012",
month = "12",
doi = "10.1016/j.infsof.2012.06.008",
language = "English (US)",
volume = "54",
pages = "1396--1417",
journal = "Information and Software Technology",
issn = "0950-5849",
publisher = "Elsevier",
number = "12",

}

TY - JOUR
T1 - Comprehensive two-level analysis of role-based delegation and revocation policies with UML and OCL
AU - Sohr, Karsten
AU - Kuhlmann, Mirco
AU - Gogolla, Martin
AU - Hu, Hongxin
AU - Ahn, Gail-Joon
PY - 2012/12
Y1 - 2012/12
KW - Delegation
KW - OCL
KW - RBAC
KW - Revocation
KW - UML
UR - http://www.scopus.com/inward/record.url?scp=84865777310&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=84865777310&partnerID=8YFLogxK
U2 - 10.1016/j.infsof.2012.06.008
DO - 10.1016/j.infsof.2012.06.008
M3 - Article
VL - 54
SP - 1396
EP - 1417
JO - Information and Software Technology
JF - Information and Software Technology
SN - 0950-5849
IS - 12
ER -