Specification of security constraint in UML

Author

Fernández-Medina, Eduardo ; Piattini, Mario ; Serrano, Manuel A.

Author_Institution

Univ. of Castilla-La Mancha, Spain

fYear

2001

fDate

37165

Firstpage

163

Lastpage

171

Abstract

In recent years various initiatives for solving the problem of security in databases have arisen. However, all of them have been only partial solutions which resolved isolated problems. Consequently, a global solution to the problem has not been reached yet. We believe that a methodological approach in which security is taken into consideration from the earliest stages of the development process of the databases is the best strategy. The authors present a language for specifying security constraints in models of classes, which is one step to a complete methodology for the development of secure multilevel databases. This language is called OSCL (Object Security Constraint Language). OSCL is based on the constraint language OCL (Object Constraint Language), which is used by the current standard of modeling, UML (Unified Modeling Language)

Keywords

constraint handling; distributed databases; logic programming languages; security of data; specification languages; OCL; OSCL; Object Constraint Language; Object Security Constraint Language; UML; Unified Modeling Language; confidentiality; constraint language; database security; global solution; isolated problems; methodological approach; multilevel databases; partial solutions; secure multilevel databases; security constraint specification; security constraints; specification language; Data analysis; Data security; Databases; Information security; Information systems; National security; Power system modeling; Protection; Specification languages; Unified modeling language;

fLanguage

English

Publisher

ieee

Conference_Titel

Security Technology, 2001 IEEE 35th International Carnahan Conference on

Conference_Location

London

Print_ISBN

0-7803-6636-0

Type

conf

DOI

10.1109/.2001.962829

Filename

962829