Security requirements have become an integral part of most modern software systems. In order to produce secure systems, it is necessary to provide software engineers with the appropriate systematic support. We propose a methodology to integrate the specification of access control policies into Unified Modeling Language (UML) and provide a graph-based formal semantics for the UML access control specification which permits to reason about the coherence of the access control specification. The main concepts in the UML access control specification are illustrated with an example access control model for distributed object systems. © Springer-Verlag 2006.
UML specification of access control policies and their formal verification / Manuel, Koch; PARISI PRESICCE, Francesco. - In: SOFTWARE AND SYSTEMS MODELING. - ISSN 1619-1366. - STAMPA. - 5:4(2006), pp. 429-447. [10.1007/s10270-006-0030-z]
UML specification of access control policies and their formal verification
PARISI PRESICCE, Francesco
2006
Abstract
Security requirements have become an integral part of most modern software systems. In order to produce secure systems, it is necessary to provide software engineers with the appropriate systematic support. We propose a methodology to integrate the specification of access control policies into Unified Modeling Language (UML) and provide a graph-based formal semantics for the UML access control specification which permits to reason about the coherence of the access control specification. The main concepts in the UML access control specification are illustrated with an example access control model for distributed object systems. © Springer-Verlag 2006.I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.