Title :
A Framework of Composable Access Control Definition, Enforcement and Assurance
Author :
Pavlich-Mariscal, Jaime A. ; Demurjian, Steven A. ; Michel, Laurent D.
Author_Institution :
Dept. de Ing. de Sist. y Comput., Univ. Catolica del Norte, Antofagasta
Abstract :
This paper proposes an approach for secure software design and coding; and, it provides a formal underpinning for security assurance, i.e., a proof that the generated code correctly realizes security specifications. The base of the proposed approach is a set of security features by J. Pavlich-Mariscal et al (2007) that separate security concerns from the main design. To create specific access control models, designers can select the features they require, compose them, and represent them through security diagrams, i.e., extensions to UML to represent security concerns. These security specifications are then transitioned into aspect-oriented enforcement code. To provide security assurance, this paper formalizes the application behavior using labeled transition systems and structural operational semantics; and it uses simulation relations to demonstrate the correctness of the secure code.
Keywords :
Unified Modeling Language; authorisation; formal specification; object-oriented methods; UML; aspect-oriented enforcement code; composable access control; labeled transition system; security assurance; security specification; structural operational semantics; Access control; Application software; Computer science; Programming profession; Security; Software design; Software engineering; Unified modeling language; Visualization; Access Control; Security Assurance; UML;
Conference_Titel :
Chilean Computer Science Society, 2008. SCCC '08. International Conference of the
Conference_Location :
Punta Arenas
Print_ISBN :
978-0-7695-3403-9
DOI :
10.1109/SCCC.2008.18
