UML-Based Representation of Provision-Based Access Control

Lack of security in the application development process shifts responsibility for protection and security from software analysts and designers to the employees developing the system, which imposes extra costs on software projects. To solve this problem, security should be considered in all software development phases, from requirements engineering to design, implementation, testing and maintenance. Access control, as one of the security requirements, can be achieved with provision-based access control (PBAC), which enables authorization systems to decide flexibly and extends the access control mechanism through the use of provisional actions; however, its existing formal definitions are not well suited to a modeling language. In addition, the formal and abstract statements of the PBAC model are sometimes too hard for system developers to understand and cause complications. Even when security models such as PBAC are well known, they may be understood differently, which causes inconsistent implementation and modeling. Therefore, to facilitate developers' work, in this paper we represent PBAC concepts using a general-purpose visual modeling language, UML, and its functional requirements. To achieve our objectives, our presentation includes static, functional, and dynamic views of the PBAC model. This approach can help reduce the semantic gap between security models and system development.
