Towards realizing a formal RBAC model in real systems

Gail-Joon Ahn, Hongxin Hu

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

28 Citations (Scopus)

Abstract

There still exists an open question on how formal models can be fully realized in the system development phase. The Model Driven Development (MDD) approach has been recently introduced to deal with such a critical issue for building high assurance software systems. The MDD approach focuses on the transformation of high-level design models to system implementation modules. However, this emerging development approach lacks an adequate procedure to address security issues derived from formal security models. In this paper, we propose an empirical framework to integrate security model representation, security policy specification, and systematic validation of security model and policy, which would be eventually used for accommodating security concerns during the system development. We also describe how our framework can minimize the gap between security models and the development of secure systems. In addition, we overview a proof-of-concept prototype of our tool that facilitates existing software engineering mechanisms to achieve the above-mentioned features of our framework.

Original language: English (US)
Title of host publication: Proceedings of ACM Symposium on Access Control Models and Technologies, SACMAT
Pages: 215-224
Number of pages: 10
DOIs: https://doi.org/10.1145/1266840.1266875
State: Published - 2007
Externally published: Yes
Event: SACMAT'07: 12th ACM Symposium on Access Control Models and Technologies - Sophia Antipolis, France
Duration: Jun 20 2007 to Jun 22 2007

Other

Other: SACMAT'07: 12th ACM Symposium on Access Control Models and Technologies
Country: France
City: Sophia Antipolis
Period: 6/20/07 to 6/22/07

Fingerprint

Software engineering
Specifications

Keywords

  • Access control
  • Code generation
  • Model validation
  • Policy specification

ASJC Scopus subject areas

  • Computer Science(all)

Cite this

Ahn, G-J., & Hu, H. (2007). Towards realizing a formal RBAC model in real systems. In Proceedings of ACM Symposium on Access Control Models and Technologies, SACMAT (pp. 215-224) https://doi.org/10.1145/1266840.1266875

@inproceedings{49c41f6f177c44a69860fd9b7ea0f96b,
title = "Towards realizing a formal RBAC model in real systems",
keywords = "Access control, Code generation, Model validation, Policy specification",
author = "Gail-Joon Ahn and Hongxin Hu",
year = "2007",
doi = "10.1145/1266840.1266875",
language = "English (US)",
isbn = "1595937455",
pages = "215--224",
booktitle = "Proceedings of ACM Symposium on Access Control Models and Technologies, SACMAT",

}

TY - GEN

T1 - Towards realizing a formal RBAC model in real systems

AU - Ahn, Gail-Joon

AU - Hu, Hongxin

PY - 2007

Y1 - 2007

KW - Access control

KW - Code generation

KW - Model validation

KW - Policy specification

UR - http://www.scopus.com/inward/record.url?scp=34548089388&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=34548089388&partnerID=8YFLogxK

U2 - 10.1145/1266840.1266875

DO - 10.1145/1266840.1266875

M3 - Conference contribution

AN - SCOPUS:34548089388

SN - 1595937455

SN - 9781595937452

SP - 215

EP - 224

BT - Proceedings of ACM Symposium on Access Control Models and Technologies, SACMAT

ER -