Reference Hub

This research has been cited in:

Chapter
Multi Objective Particle Swarm Optimization for Software Cost EstimationICT and Critical Infrastructure: Proceedings of the 48th Annual Convention of Computer Society of India- Vol I10.1007/978-3-319-03107-1_15
Chapter
A Study on Application of Soft Computing Techniques for Software Effort EstimationA Journey Towards Bio-inspired Techniques in Software Engineering10.1007/978-3-030-40928-9_8
Article
A Comparative Analysis of Access Control Policy Modeling ApproachesInternational Journal of Secure Software Engineering10.4018/jsse.2012100104

Integrating Access Control into UML for Secure Software Modeling and Analysis

Thuong Doan, Steven Demurjian, Laurent Michel, Solomon Berhe

Source Title: International Journal of Secure Software Engineering (IJSSE)1(1)

Cite Article Cite Article

MLA

Doan, Thuong, et al. "Integrating Access Control into UML for Secure Software Modeling and Analysis." IJSSE vol.1, no.1 2010: pp.1-19. http://doi.org/10.4018/jsse.2010102001

APA

Doan, T., Demurjian, S., Michel, L., & Berhe, S. (2010). Integrating Access Control into UML for Secure Software Modeling and Analysis. International Journal of Secure Software Engineering (IJSSE), 1(1), 1-19. http://doi.org/10.4018/jsse.2010102001

Chicago

Doan, Thuong, et al. "Integrating Access Control into UML for Secure Software Modeling and Analysis," International Journal of Secure Software Engineering (IJSSE) 1, no.1: 1-19. http://doi.org/10.4018/jsse.2010102001

Export Reference

Favorite Full-Issue Download

View Full Text HTML

View Full Text PDF

Abstract

Access control models are often an orthogonal activity when designing, implementing, and deploying software applications. Role-based access control (RBAC) which targets privileges based on responsibilities within an application and mandatory access control (MAC) that emphasizes the protection of information via security tags are two dominant approaches in this regard. The integration of access control into software modeling and analysis is often loose and significantly lacking, particularly when security is such a high-priority concern in applications. This article presents an approach to integrate RBAC and MAC into use-case, class, and sequence diagrams of the unified modeling language (UML), providing a cohesive approach to secure software modeling that elevates security to a first-class citizen in the process. To insure that a UML design with security does not violate RBAC or MAC requirements, design-time analysis checks security constraints whenever a new UML element is added or an existing UML element is modified, while post-design analysis checks security constraints across the entire design for conflicts and inconsistencies. These access control extensions and security analyses have been prototyped within a UML tool.

You do not own this content. Please login to recommend this title to your institution's librarian or purchase it from the IGI Global bookstore.

Username or email: *

Password: *

Forgot individual login password?

Create individual account

Integrating Access Control into UML for Secure Software Modeling and Analysis

MLA

APA

Chicago

Export Reference

Abstract

Request Access