Towards a UML based approach to role engineering
- 28 October 1999
- conference paper
- Published by Association for Computing Machinery (ACM)
- p. 135-143
- https://doi.org/10.1145/319171.319184
Abstract
Role based access control (RBAC) is a promising technology for scalable access control. For RBAC to rise to its full potential, the roles must be properly constructed to reflect organizational access control policy and needs. This requires a discipline of Role Engineering to develop various components of RBAC such as role hierarchy, permissions (and permission- role assignment), and constraints. The importance of Role Engineering has been recognized but very little work has been done to date. In this paper we explore the possibility of using the Unified Modeling Language (UML) to support Role Engineering. We chose UML because it is a de facto standard and refIects a consensus in the modeling community. To investigate the capability of UML for Role Engineering, we represent an existing Role framework recently published by Thomsen, O'Brien, and Bogle. This framework can be modeled in UML, with the assistance of adding a new user defined UML vocabulary.Keywords
This publication has 3 references indexed in Scilit:
- Implementing role-based access control using object technologyPublished by Association for Computing Machinery (ACM) ,1996
- Role engineeringPublished by Association for Computing Machinery (ACM) ,1996
- Role-based access control modelsComputer, 1996