IRMA-International.org: Creator of Knowledge
Information Resources Management Association
Advancing the Concepts & Practices of Information Resources Management in Modern Organizations
navleft navright Research IRM Open Access IRMA Journals IRM Books Proceedings Membership

The IRMA Community

Calls for Papers
Online Symposium
Newsletters

Research IRM

Click a keyword to search titles using our InfoSci-OnDemand powered search:

Integrating Access Control into UML for Secure Software Modeling and Analysis

Integrating Access Control into UML for Secure Software Modeling and Analysis
View Sample PDF
Author(s): Thuong Doan (University of Connecticut, USA), Steven Demurjian (University of Connecticut, USA), Laurent Michel (University of Connecticut, USA)and Solomon Berhe (University of Connecticut, USA)
 Copyright: 2012
 Pages: 20
 Source title: Security-Aware Systems Applications and Software Development Methods
Source Author(s)/Editor(s): Khaled M. Khan (Qatar University, Qatar)
 DOI: 10.4018/978-1-4666-1580-9.ch005

Purchase

View Integrating Access Control into UML for Secure Software Modeling and Analysis on the publisher's website for pricing and purchasing information.

Abstract

Access control models are often an orthogonal activity when designing, implementing, and deploying software applications. Role-based access control (RBAC) which targets privileges based on responsibilities within an application and mandatory access control (MAC) that emphasizes the protection of information via security tags are two dominant approaches in this regard. The integration of access control into software modeling and analysis is often loose and significantly lacking, particularly when security is such a high-priority concern in applications. This paper presents an approach to integrate RBAC and MAC into use-case, class, and sequence diagrams of the unified modeling language (UML), providing a cohesive approach to secure software modeling that elevates security to a first-class citizen in the process. To insure that a UML design with security does not violate RBAC or MAC requirements, design-time analysis checks security constraints whenever a new UML element is added or an existing UML element is modified, while post-design analysis checks security constraints across the entire design for conflicts and inconsistencies. These access control extensions and security analyses have been prototyped within a UML tool.

Related Content

Babita Srivastava. © 2024. 21 pages.
Sakuntala Rao, Shalini Chandra, Dhrupad Mathur. © 2024. 27 pages.
Satya Sekhar Venkata Gudimetla, Naveen Tirumalaraju. © 2024. 24 pages.
Neeta Baporikar. © 2024. 23 pages.
Shankar Subramanian Subramanian, Amritha Subhayan Krishnan, Arumugam Seetharaman. © 2024. 35 pages.
Charu Banga, Farhan Ujager. © 2024. 24 pages.
Munir Ahmad. © 2024. 27 pages.
IRMA Offers Over 2,500 Full Text Open Access Research Papers for Free Download Click to Start Searching Free IRM Research!

IRMA Sponsors

Sponsor IGI Global

Sponsor eContentPro

Encyclopedia of Information Science and Technology, Fourth Edition
Body Bottom
About Us | Contact | Sitemap | Legal | Policies
Copyright ©2024, Information Resources Management Association. 701 East Chocolate Avenue, Hershey, PA 17033.