Reference : Model-Driven Adaptive Delegation
Scientific congresses, symposiums and conference proceedings : Paper published in a book
Engineering, computing & technology : Computer science
http://hdl.handle.net/10993/350
Model-Driven Adaptive Delegation
English
Nguyen, Phu Hong mailto [University of Luxembourg > Interdisciplinary Centre for Security, Reliability and Trust (SNT) > >]
Nain, Grégory mailto [University of Luxembourg > Interdisciplinary Centre for Security, Reliability and Trust (SNT) > >]
Klein, Jacques mailto [University of Luxembourg > Faculty of Science, Technology and Communication (FSTC) > Computer Science and Communications Research Unit (CSC) >]
Mouelhi, Tejeddine mailto [University of Luxembourg > Interdisciplinary Centre for Security, Reliability and Trust (SNT) > >]
Le Traon, Yves mailto [University of Luxembourg > Faculty of Science, Technology and Communication (FSTC) > Computer Science and Communications Research Unit (CSC) >]
Mar-2013
Proceedings of the 12th annual international conference companion on Aspect-oriented software development
Masuhara, Hidehiko
Chiba, Sigeru
Ubayashi, Naoyasu
ACM
Yes
No
International
978-1-4503-1873-0
New York
USA
the 12th International Conference on Modularity:AOSD 2013
March 24 - 29, 2013
The University of Tokyo
Fukuoka
Japan
[en] Model-driven security ; model-driven engineering ; model composition ; delegation ; access control ; dynamic adaptation
[en] Model-Driven Security is a specialization of Model-Driven Engineering (MDE) that focuses on making security models productive, i.e., enforceable in the final deployment. Among the variety of models that have been studied in a MDE perspective, one can mention access control models that specify the access rights. So far, these models mainly focus on static definitions of access control policies, without taking into account the more complex, but essential, delegation of rights mechanism. User delegation is a meta-level mechanism for administrating access rights, which allows a user without any specific administrative privileges to delegate his/her access rights to another user. This paper analyses the main hard-points for introducing various delegation semantics in model-driven security and proposes a model-driven framework for 1) specifying access control, delegation and the business logic as separate concerns; 2) dynamically enforcing/weaving access control policies with various delegation features into security-critical systems; and 3) providing a flexibly dynamic adaptation strategy. We demonstrate the feasibility and effectiveness of our proposed solution through the proof-of-concept implementations of different systems.
Interdisciplinary Centre for Security, Reliability and Trust
Fonds National de la Recherche - FnR
Researchers ; Professionals ; Students ; General public ; Others
http://hdl.handle.net/10993/350

File(s) associated to this reference

Fulltext file(s):

FileCommentaryVersionSizeAccess
Open access
aosd25-Nguyen.pdfPublisher postprint1.03 MBView/Open

Bookmark and Share SFX Query

All documents in ORBilu are protected by a user license.