Verifiable composition of access control and application features

Access control features are often spread across a design and tangled with other functionality, which makes them difficult to modify or replace. Aspect-oriented modeling (AOM) techniques can be used to separate access control concerns from other application design concerns. In an AOM approach, access control features are described by aspect models and the remaining application features by a primary model; composing the aspect and primary models yields a design model in which access control is integrated with the other application features. In this paper we present, through an example, an AOM approach that supports verifiable composition of the behaviors described in access control aspect models and primary models. Given an aspect model, a primary model, and a specified property, the composition technique produces proof obligations as the behavioral descriptions in the two models are composed. Discharging those proof obligations establishes that the composed model has the specified property.
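To make the composition step concrete, the following is an added illustration, not code from the paper: a primary model (a withdraw operation described by pre- and postconditions) is composed with an access control aspect (a role-based authorisation guard), the composition emits a set of proof obligations that include the specified property, and the obligations are discharged by exhaustive checking over a small finite domain. The account/roles state, the roles "teller" and "manager" with their limits, the domain bounds and all function names are assumptions chosen for the example; a mis-woven variant shows an obligation that cannot be discharged.

```python
"""Added illustration (not the paper's own code): composing an access-control
aspect with a primary application model and discharging the resulting proof
obligations by exhaustive checking.  State shape, roles, limits and domain
bounds are assumptions made for this example."""
from dataclasses import dataclass, replace
from itertools import product
from typing import Callable, Dict, FrozenSet, List, Tuple

@dataclass(frozen=True)
class State:
    balance: int
    roles: FrozenSet[str]   # roles held by the subject invoking the operation

Pred2 = Callable[[State, int], bool]
Pred3 = Callable[[State, int, State], bool]   # (pre-state, input, post-state)

@dataclass(frozen=True)
class Primary:
    """Application operation described by pre- and postcondition (OCL-style)."""
    pre: Pred2
    post: Pred3

@dataclass(frozen=True)
class Aspect:
    """Access-control advice: an authorisation guard plus what the advice guarantees."""
    guard: Pred2
    post: Pred3

# --- Primary model: the withdraw feature, with no access control --------------
def primary_withdraw(s: State, amount: int) -> State:
    return replace(s, balance=s.balance - amount)

PRIMARY = Primary(
    pre=lambda s, a: 0 < a <= s.balance,
    post=lambda s, a, t: t.balance == s.balance - a and t.roles == s.roles,
)

# --- Aspect model: role-based authorisation (assumed policy) -----------------
ROLE_LIMIT: Dict[str, int] = {"teller": 3, "manager": 100}

def authorised(s: State, amount: int) -> bool:
    return any(amount <= ROLE_LIMIT.get(r, -1) for r in s.roles)

ASPECT = Aspect(
    guard=authorised,
    post=lambda s, a, t: authorised(s, a) or t == s,   # denial leaves the state unchanged
)

# --- The specified security property: the balance only changes when authorised
NO_UNAUTHORISED_CHANGE: Pred3 = lambda s, a, t: t.balance == s.balance or authorised(s, a)

# --- Composition: advice wraps the primary operation and emits proof obligations
def compose(aspect: Aspect, primary: Primary, body: Callable[[State, int], State], prop: Pred3):
    def composed(s: State, a: int) -> State:
        if aspect.guard(s, a) and primary.pre(s, a):
            return body(s, a)
        return s                                       # denied or inapplicable: no-op
    allowed = lambda s, a: aspect.guard(s, a) and primary.pre(s, a)
    obligations: Dict[str, Pred3] = {
        "aspect_post_respected": aspect.post,
        "primary_post_when_allowed": lambda s, a, t: (not allowed(s, a)) or primary.post(s, a, t),
        "specified_property": prop,
        "balance_non_negative": lambda s, a, t: t.balance >= 0,
    }
    return composed, obligations

def discharge(composed, obligations, max_balance=5, max_amount=6) -> List[Tuple[str, State, int]]:
    """Discharge each obligation over a finite domain; returns counterexamples
    (an empty list means every obligation holds on the domain)."""
    role_sets = [frozenset(), frozenset({"teller"}), frozenset({"manager"}),
                 frozenset({"teller", "manager"})]
    failures = []
    for bal, amt, rs in product(range(max_balance + 1), range(max_amount + 1), role_sets):
        s = State(bal, rs)
        t = composed(s, amt)
        failures += [(name, s, amt) for name, ob in obligations.items() if not ob(s, amt, t)]
    return failures

def check_model() -> List[Tuple[str, State, int]]:
    composed, obligations = compose(ASPECT, PRIMARY, primary_withdraw, NO_UNAUTHORISED_CHANGE)
    return discharge(composed, obligations)

def check_broken_weaving() -> List[Tuple[str, State, int]]:
    """Mis-woven variant: the primary body runs before the guard, and a denial
    is only recorded, never rolled back, so the property obligation fails."""
    def broken(s: State, a: int) -> State:
        t = primary_withdraw(s, a) if PRIMARY.pre(s, a) else s
        if not authorised(s, a):
            pass                                       # denial logged, state change kept
        return t
    _, obligations = compose(ASPECT, PRIMARY, primary_withdraw, NO_UNAUTHORISED_CHANGE)
    return discharge(broken, obligations)

if __name__ == "__main__":
    print("correct weaving counterexamples:", check_model())
    print("broken weaving counterexamples :", check_broken_weaving()[:3])
```

The exhaustive search stands in for the proof step: on an unbounded domain the same obligations would be discharged with a prover rather than enumerated, but the obligations themselves, and in particular the fact that the specified property becomes one obligation among those the composition produces, are what the approach is about.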
