Title :
Modeling Access Control Requirements in Feature Model
Author :
Sun, Lianshan ; Huang, Gang
Author_Institution :
Coll. of Electr. & Inf. Eng., Shannxi Univ. of Sci. & Techonologies, Xi´´an, China
Abstract :
Access control requirements (ACRs) are software requirements about limiting privileges of users from accessing sensitive software resources. ACRs often interact with functional requirements (FRs), conform to an access control model, are constrained by authorization constraints of organizations, and change frequently. Current requirements modeling technologies, such as use case modeling approaches, object-oriented analysis, and feature-oriented approaches, are initially designed to model FRs, and cannot explicitly and efficiently model the ACRs. In real world, it is still very difficult for the developers to model and evolve the complex and changeful ACRs of large-scale software applications while ensuring the consistency between ACRs and FRs. This paper analyzes the challenges of modeling ACRs, presents a feature-based approach to modeling the ACRs to overcome them, and illustrates the approach in an online store application.
Keywords :
authorisation; object-oriented methods; access control requirements; authorization constraints; feature-oriented approaches; functional requirements; object-oriented analysis; software requirements; software resources; Access control; Application software; Authorization; Educational technology; Laboratories; Large-scale systems; Object oriented modeling; Protection; Software engineering; Sun; Access Control Requirements; Feature Model; RBAC;
Conference_Titel :
Software Engineering Conference, 2009. APSEC '09. Asia-Pacific
Conference_Location :
Penang
Print_ISBN :
978-0-7695-3909-6
DOI :
10.1109/APSEC.2009.21
