
Employing UML and OCL for designing and analysing role-based access control

Published online by Cambridge University Press:  08 July 2013

MIRCO KUHLMANN
Affiliation: Computer Science Department, Database Systems Group, D-28334 Bremen, Germany. Email: mk@informatik.uni-bremen.de

KARSTEN SOHR
Affiliation: Center for Computing Technologies, D-28334 Bremen, Germany. Email: sohr@tzi.de

MARTIN GOGOLLA
Affiliation: Computer Science Department, Database Systems Group, D-28334 Bremen, Germany. Email: gogolla@informatik.uni-bremen.de

Abstract

Organisations with stringent security requirements, such as banks or hospitals, frequently adopt role-based access control (RBAC) principles to represent and simplify their internal permission management. Authorisation constraints are a fundamental advanced RBAC concept that enables precise restrictions on access rights, but they also increase the complexity of the resulting security policies, so that tool support for convenient creation and adequate validation is required. A particular contribution of our work is a new approach to developing and analysing RBAC policies using a UML-based domain-specific language (DSL), which hides the mathematical structure of the underlying authorisation constraints implemented in OCL. The DSL we present is highly configurable and extensible with respect to new concepts and classes of authorisation constraints, and allows the developer to validate RBAC policies effectively. The handling of dynamic (that is, time-dependent) constraints, their visual representation through the RBAC DSL and their analysis form another part of our contribution. The approach is supported by a UML and OCL validation tool.
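To make concrete what "validating an RBAC policy against authorisation constraints" means in practice, the following is an added example and not code from the paper or its tool. The paper states such constraints as OCL invariants over a UML class model and checks them with a UML/OCL validation tool; the Python below is a stand-alone stand-in that evaluates the same kind of invariants over one policy snapshot in the usual RBAC shape (users, roles, permissions, sessions). The constraint classes chosen (static separation of duty on user-role assignment, dynamic separation of duty on active roles in a session, and a time window as the time-dependent constraint), the `hour` attribute on sessions, and the loan-style sample policy with its deliberate violations are all assumptions made for illustration.

```python
"""Checking an RBAC policy snapshot against authorisation constraints.

Constructed example (not the paper's own code). A small RBAC state with
users, roles, permissions and sessions, plus three constraint classes of
the kind the paper's DSL hides behind OCL invariants. Policy data,
constraint names and the session 'hour' attribute are assumptions.
"""
from dataclasses import dataclass, field


@dataclass(frozen=True)
class Role:
    name: str
    permissions: frozenset


@dataclass
class Session:
    user: str
    active_roles: frozenset
    hour: int  # hour of day at which the roles were activated (assumed attribute)


@dataclass
class Snapshot:
    roles: dict                                    # role name -> Role
    user_roles: dict                               # UA relation: user -> set of role names
    sessions: list = field(default_factory=list)
    static_sod: set = field(default_factory=set)   # frozenset pairs a user may not be assigned together
    dynamic_sod: set = field(default_factory=set)  # frozenset pairs a session may not activate together
    time_windows: dict = field(default_factory=dict)  # role name -> (start_hour, end_hour), end exclusive


def pair_label(pair):
    return " and ".join(sorted(pair))


def check_structure(s):
    """Well-formedness invariants: assigned roles exist, activated roles are assigned."""
    errors = []
    for user, roles in sorted(s.user_roles.items()):
        for r in sorted(roles):
            if r not in s.roles:
                errors.append(f"structure: {user} is assigned to unknown role {r}")
    for sess in s.sessions:
        for r in sorted(sess.active_roles - s.user_roles.get(sess.user, set())):
            errors.append(f"structure: {sess.user} activates {r} without being assigned to it")
    return errors


def check_static_sod(s):
    """Static SoD: no user holds both roles of a mutually exclusive pair (checked on UA)."""
    errors = []
    for user, roles in sorted(s.user_roles.items()):
        for pair in sorted(s.static_sod, key=pair_label):
            if pair <= roles:
                errors.append(f"static SoD: {user} holds both {pair_label(pair)}")
    return errors


def check_dynamic_sod(s):
    """Dynamic SoD: a single session never has both roles of a conflicting pair active."""
    errors = []
    for sess in s.sessions:
        for pair in sorted(s.dynamic_sod, key=pair_label):
            if pair <= sess.active_roles:
                errors.append(f"dynamic SoD: session of {sess.user} at {sess.hour:02d}:00 "
                              f"activates {pair_label(pair)}")
    return errors


def check_time_windows(s):
    """Time-dependent constraint: a role with a window may only be active inside it."""
    errors = []
    for sess in s.sessions:
        for r in sorted(sess.active_roles):
            window = s.time_windows.get(r)
            if window and not (window[0] <= sess.hour < window[1]):
                errors.append(f"time: {sess.user} activates {r} at {sess.hour:02d}:00, "
                              f"outside {window[0]:02d}:00-{window[1]:02d}:00")
    return errors


def validate(s):
    """Evaluate every constraint class; an empty list means the snapshot satisfies the policy."""
    return check_structure(s) + check_static_sod(s) + check_dynamic_sod(s) + check_time_windows(s)


# Constructed payment-approval policy with deliberate violations of each constraint class.
EXAMPLE = Snapshot(
    roles={
        "Clerk": Role("Clerk", frozenset({"submit_payment"})),
        "Approver": Role("Approver", frozenset({"approve_payment"})),
        "Auditor": Role("Auditor", frozenset({"read_ledger"})),
    },
    user_roles={
        "alice": {"Clerk"},
        "bob": {"Approver", "Auditor"},
        "carol": {"Clerk", "Approver"},  # violates static SoD
    },
    sessions=[
        Session("alice", frozenset({"Clerk"}), 9),
        Session("bob", frozenset({"Approver", "Auditor"}), 10),  # violates dynamic SoD
        Session("bob", frozenset({"Approver"}), 22),             # outside Approver's window
    ],
    static_sod={frozenset({"Clerk", "Approver"})},
    dynamic_sod={frozenset({"Approver", "Auditor"})},
    time_windows={"Approver": (8, 18)},
)

if __name__ == "__main__":
    for problem in validate(EXAMPLE):
        print(problem)
```

Each check mirrors the shape of an OCL invariant: a universally quantified condition over one class of the model (users for static SoD, sessions for dynamic SoD and time windows) that must hold in every reachable snapshot. What the paper's tool adds on top of this kind of per-snapshot evaluation is the search for snapshots, that is, finding whether any state satisfying all constraints exists at all, or constructing a counterexample state; the script above only reports violations for the one constructed state it is given.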

Type: Paper

Copyright © Cambridge University Press 2013

