Abstract
This paper presents a set of transformation rules for transforming a non-secure interaction model to a secure interaction model using an access control pattern. The transformation rules resolve conflicts, uncertainties and type mismatches that may arise during pattern application. We demonstrate a case study using the Mandatory Access Control pattern and a defense messaging system in the military domain, and discuss about an analysis of the resulting model for pattern conformance.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
Clarke, S., Walker, R.: Composition Patterns: An Approach to Designing Reusable Aspects. In: Proceedings of International Conference on Software Engineering, Toronto, Canada, pp. 5–14 (2001)
Ferraiolo, D.F., Sandhu, R., Gavrila, S., Kuhn, D.R., Chandramouli, R.: Proposed NIST Standard for Role-Based Access Control. ACM Transactions on Information and Systems Security 4(3) (2001)
Gamma, E., Helm, R., Johnson, R., Vlissides, J.: Design Patterns: Elements of Reusable Object-Oriented Software. Addison-Wesley, Reading (1995)
Harrison, M.H., Ruzzo, W.L., Ullman, J.D.: Protection in Operating Systems. Communications of the ACM 19(8), 461–471 (1976)
Kim, D.: The Role-Based Metamodeling Language for Specifying Design Patterns. In: Taibi, T. (ed.) Design Pattern Formalization Techniques, pp. 183–205. Idea Group Inc. (2007)
Kim, D., Gokhale, P.: A Pattern-Based Technique for Developing UML Models of Access Control Systems. In: Proceedings of the 30th Annual International Computer Software and Applications Conference, Chigaco, IL, pp. 317–324. IEEE Computer Society Press, Los Alamitos (2006)
Kim, D., Mehta, P., Gokhal, P.: Describing Access Control Patterns Using Roles. In: Proceedings of Pattern Languages of Programming Conference (PLoP), Portland, OR (2006)
Klein, J., Plouzeau, N.: Transformation of Behavioral Models Based on Compositions of Sequence Diagrams. In: Proceedings of Model-Driven Architecture: Foundations and Applications 2004 (MDAFA), Linkoping, Sweden, p. 255 (2004)
Reddy, R., Solberg, A., France, R., Ghosh, S.: Composing Sequence Models using Tags. In: Proceedings of MoDELS workshop on Aspect Oriented Modeling, Genova, Italy (2006)
Sandhu, R., Samarati, P.: Access Control: Principles and Practice. IEEE Communications 32(9), 40–48 (1994)
The Object Management Group (OMG). Unified Modeling Language: Superstructure. Version 2.0 Formal/05-07-04, OMG (August 2005), http://www.omg.org
Author information
Authors and Affiliations
Editor information
Rights and permissions
Copyright information
© 2008 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Kim, DK., Lu, L. (2008). Pattern-Based Transformation Rules for Developing Interaction Models of Access Control Systems. In: Mei, H. (eds) High Confidence Software Reuse in Large Systems. ICSR 2008. Lecture Notes in Computer Science, vol 5030. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-68073-4_33
Download citation
DOI: https://doi.org/10.1007/978-3-540-68073-4_33
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-68062-8
Online ISBN: 978-3-540-68073-4
eBook Packages: Computer ScienceComputer Science (R0)