Abstract

Nowadays, more and more security-relevant data are stored on computer systems, and security-critical business processes are mapped to their digital counterparts. This situation applies to various critical infrastructures, which require that different security requirements be fulfilled. It demands a way to design and express higher-level security policies for such critical organizations. In this paper we focus on authorisation policies to demonstrate how software engineering techniques can help validate authorisation constraints and enforce access control policies. Our approach leverages the features and functionalities of the UML/OCL modeling methods, as well as a model-driven approach, to represent and specify an authorisation model and its constraints. Using our authorisation constraints editor, we articulate role-based authorisation policies. We also attempt to validate and enforce such constraints with the USE (UML Specification Environment) tool.
