Title :
Model driven security for Web services (MDS4WS)
Author :
Alam, Muhammad M. ; Breu, Ruth ; Breu, Michael
Author_Institution :
Institut fur Informatik, Innsbruck Univ., Austria
Abstract :
Model driven architecture is an approach to increase the quality of complex software systems based on creating high level system models that represent systems at different abstract levels and automatically generating system architectures from the models. We show how this paradigm can be applied to what we call model driven security for Web services. In our approach, a designer builds an interface model for the Web services along with security requirements using the object constraint language (OCL) and role based access control (RBAC) and then generates from these specifications a complete configured security infrastructure in the form of Extended Access Control Markup Language (XACML) policy files. Our approach can be used to improve productivity during the development of secure Web services and quality of resulting systems.
Keywords :
Internet; application program interfaces; constraint handling; hypermedia markup languages; security of data; Extended Access Control Markup Language; MDS4WS; Web services; complex software system; interface model; model driven architecture; model driven security; object constraint language; role based access control; Access control; Context-aware services; Information security; Markup languages; Object oriented modeling; Productivity; Programming; Unified modeling language; Web services; XML;
Conference_Titel :
Multitopic Conference, 2004. Proceedings of INMIC 2004. 8th International
Print_ISBN :
0-7803-8680-9
DOI :
10.1109/INMIC.2004.1492930
