
Model driven security: From UML models to access control infrastructures

Published: 01 January 2006

Abstract

We present a new approach to building secure systems. In our approach, which we call Model Driven Security, designers specify system models along with their security requirements and use tools to automatically generate system architectures from the models, including complete, configured access control infrastructures. Rather than fixing one particular modeling language for this process, we propose a general schema for constructing such languages that combines languages for modeling systems with languages for modeling security. We present several instances of this schema that combine (both syntactically and semantically) different UML modeling languages with a security modeling language for formalizing access control requirements. From models in the combined languages, we automatically generate access control infrastructures for server-based applications, built from declarative and programmatic access control mechanisms. The modeling languages and generation process are semantically well-founded and are based on an extension of Role-Based Access Control. We have implemented this approach in a UML-based CASE-tool and report on experiments.

Published In

ACM Transactions on Software Engineering and Methodology  Volume 15, Issue 1
January 2006
122 pages
ISSN:1049-331X
EISSN:1557-7392
DOI:10.1145/1125808

Publisher

Association for Computing Machinery

New York, NY, United States


Author Tags

  1. Model Driven Architecture
  2. Object Constraint Language
  3. Role-Based Access Control
  4. Unified Modeling Language
  5. metamodeling
  6. security engineering

Cited By

  • (2024) Development and validation of coreLang: A threat modeling language for the ICT domain. Computers & Security 146 (104057). DOI: 10.1016/j.cose.2024.104057. Online publication date: Nov-2024
  • (2024) A Multi-level Reference Model and a Dedicated Method for Cyber-Security by Design. Business & Information Systems Engineering. DOI: 10.1007/s12599-024-00899-y. Online publication date: 28-Oct-2024
  • (2024) Expediting the design and development of secure cloud-based mobile apps. International Journal of Information Security 23:4 (3043-3064). DOI: 10.1007/s10207-024-00880-6. Online publication date: 1-Aug-2024
  • (2024) SymboleoAC: An Access Control Model for Legal Contracts. The Practice of Enterprise Modeling (227-243). DOI: 10.1007/978-3-031-77908-4_14. Online publication date: 30-Nov-2024
  • (2024) Analysing Conflict of Interest Integrated in Role-Based Access Control Model Using Event-B. Intelligence of Things: Technologies and Applications (57-72). DOI: 10.1007/978-3-031-75593-4_6. Online publication date: 17-Dec-2024
  • (2023) XACML for Mobility (XACML4M)—An Access Control Framework for Connected Vehicles. Sensors 23:4 (1763). DOI: 10.3390/s23041763. Online publication date: 4-Feb-2023
  • (2023) MASISCo—Methodological Approach for the Selection of Information Security Controls. Applied Sciences 13:2 (1094). DOI: 10.3390/app13021094. Online publication date: 13-Jan-2023
  • (2023) Analysing potential data security losses in organisations based on subsequent users logins. PLOS ONE 18:8 (e0286856). DOI: 10.1371/journal.pone.0286856. Online publication date: 24-Aug-2023
  • (2023) Is Modeling Access Control Worth It? Proceedings of the 2023 ACM SIGSAC Conference on Computer and Communications Security (2830-2844). DOI: 10.1145/3576915.3623196. Online publication date: 15-Nov-2023
  • (2023) Designing secure business processes for blockchains with SecBPMN2BC. Future Generation Computer Systems 141 (382-398). DOI: 10.1016/j.future.2022.11.013. Online publication date: Apr-2023
