A Comprehensive Modeling Framework for Role-based Access Control Policies

Ben Fadhel, Ameni; Bianculli, Domenico; Briand, Lionel

doi:10.1016/j.jss.2015.05.015

Reference : A Comprehensive Modeling Framework for Role-based Access Control Policies


	Document type :	Scientific journals : Article
	Discipline(s) :	Engineering, computing & technology : Computer science Engineering, computing & technology : Computer science
	To cite this reference:	http://hdl.handle.net/10993/21025

Title :	A Comprehensive Modeling Framework for Role-based Access Control Policies
Language :	English
Author, co-author :	Ben Fadhel, Ameni [University of Luxembourg > Interdisciplinary Centre for Security, Reliability and Trust (SNT) > >]
	Bianculli, Domenico [University of Luxembourg > Interdisciplinary Centre for Security, Reliability and Trust (SNT) > >]
	Briand, Lionel [University of Luxembourg > Interdisciplinary Centre for Security, Reliability and Trust (SNT) > > ; University of Luxembourg > Faculty of Science, Technology and Communication (FSTC) > Computer Science and Communications Research Unit (CSC)]
Publication date :	29-May-2015
Journal title :	Journal of Systems and Software
Publisher :	Elsevier Science
Volume :	107
Issue/season :	September,2015
Pages :	110-126
Peer reviewed :	Yes (verified by ORBi^lu)
Audience :	International
ISSN :	0164-1212
Keywords :	[en] role-based access control ; modeling, authorization constraints ; survey
Abstract :	[en] Prohibiting unauthorized access to critical resources and data has become a major requirement for enter- prises; access control (AC) mechanisms manage requests from users to access system resources. One of the most used AC paradigms is role-based access control (RBAC), in which access rights are determined based on the user’s role. Many different types of RBAC policies have been proposed in the literature, each one accompanied by the corresponding extension of the original RBAC model. However, there is no unified framework that can be used to define all these types of policies in a coherent way, using a common model. In this paper we propose a model-driven engineering approach, based on UML and the Object Constraint Language (OCL), to enable the precise specification and verification of such policies. More specifically, we first present a taxonomy of the various types of RBAC policies proposed in the literature. We also propose the GemRBAC model, a generalized model for RBAC that includes all the entities required to define the classified policies. This model is a conceptual model that can also serve as data model to operationalize data collection and verification. Lastly, we formalize the classified policies as OCL constraints on the GemRBAC model.
Research centres :	Interdisciplinary Centre for Security, Reliability and Trust (SnT) > Software Verification and Validation Lab (SVV Lab)
Funders :	Fonds National de la Recherche - FnR
Permalink :	http://hdl.handle.net/10993/21025
DOI :	10.1016/j.jss.2015.05.015
Other URL :	http://www.sciencedirect.com/science/article/pii/S0164121215001041

File(s) associated to this reference

Fulltext file(s):

	File	Commentary	Version	Size	Access
Limited access	JSS-GemRBAC2015.pdf		Author postprint	597.44 kB	Request a copy

All documents in ORBi^lu are protected by a user license.

University of Luxembourg Library | Feedback | Legal notices