Title :
An Approach Based on Model-Driven Engineering to Define Security Policies Using OrBAC
Author :
Munante, Denisse ; Gallon, Laurent ; Aniorte, Philippe
Author_Institution :
LIUPPA, Univ. of Pau, Anglet, France
Abstract :
In the field of access control, many security breaches occur because of a lack of early means to evaluate if access control policies are adequate to satisfy privileges requested by subjects which try to perform actions on objects. This paper proposes an approach based on UMLsec, to tackle this problem. We propose to extend UMLsec, and to add OrBAC elements. In particular, we add the notions of context, inheritance and separation. We also propose a methodology for modeling a security policy and assessing the security policy modeled, based on the use of MotOrBAC. This assessment is proposed in order to guarantee security policies are well-formed, to analyse potential conflicts, and to simulate a real situation.
Keywords :
Unified Modeling Language; authorisation; software engineering; MotOrBAC; OrBAC elements; UMLsec; access control policy; model-driven engineering; security policy; Abstracts; Access control; Concrete; Context; Organizations; Unified modeling language; OrBAC; UMLsec; assessment of access control policies; model-driven security;
Conference_Titel :
Availability, Reliability and Security (ARES), 2013 Eighth International Conference on
Conference_Location :
Regensburg
DOI :
10.1109/ARES.2013.44
