Model driven security for process-oriented systems
- 2 June 2003
- conference paper
- Published by Association for Computing Machinery (ACM)
- p. 100-109
- https://doi.org/10.1145/775412.775425
Abstract
Model Driven Architecture is an approach to increasing the quality of complex software systems based on creating high-level system models and automatically generating system architectures from the models. We show how this paradigm can be specialized to what we call Model Driven Security. In our specialization, a designer builds a system model along with security requirements, and automatically generates from this a complete, configured security infrastructure.We propose a modular approach to constructing modeling languages supporting this process, which combines languages for modeling system design with languages for modeling security. We present an application to constructing systems from process models, where we combine a UML-based process design language with a security modeling language for formalizing access control requirements. From models in the combined language, we automatically generate security architectures for distributed applications.Keywords
This publication has 4 references indexed in Scilit:
- Proposed NIST standard for role-based access controlACM Transactions on Information and System Security, 2001
- On the increasing importance of constraintsPublished by Association for Computing Machinery (ACM) ,1999
- Towards a UML based approach to role engineeringPublished by Association for Computing Machinery (ACM) ,1999
- The specification and enforcement of authorization constraints in workflow management systemsACM Transactions on Information and System Security, 1999