404 Hits in 6.4 sec

A Graphical Framework for the Category-Based Metamodel for Access Control and Obligations [article]

Sandra Alves, Jorge Iglésias
2021 arXiv   pre-print
We design a graph-based framework for the visualisation and analysis of obligations in access control policies.  ...  We consider obligation policies in CBACO, the category-based access control model, which has been shown to subsume many of the most well known access control such as MAC, DAC, RBAC.  ...  In this paper we develop a graph-based framework for the visualisation and analysis of obligations in access control policies.  ... 
arXiv:2111.00588v1 fatcat:nwn4ishu3fhkvpesn6vwr7sqv4

Model-driven Software Engineering in Practice: A Content Analysis Software for Health Reform Agreements

Adrian Rutle, Kent Inge Fagerland Simonsen, Hans Georg Schaathun, Ralf Kirchhoff
2015 Procedia Computer Science  
For this project, it was crucial to discuss the requirements of the system with domain-experts at a high level of abstraction in order to elicit feedback so that the development could proceed at a fast  ...  Furthermore, given time and resource constraints, we elected to use a model driven approach using automatic code generation coupled with high-productivity frameworks.  ...  The MVCore framework is based on the Eclipse modelling Framework (EMF) 4 and Graphical Modelling Framework (GMF) 5 .  ... 
doi:10.1016/j.procs.2015.08.383 fatcat:mn72c67opbbxtctae6ooy2g6fa

The G-ACM Tool: using the Drools Rule Engine for Access Control Management [article]

João Sá, Sandra Alves, Sabine Broda
2016 arXiv   pre-print
In this paper we explore the usage of rule engines in a graphical framework for visualising dynamic access control policies.  ...  We use the Drools rule engine to dynamically compute permissions, following the Category-Based Access Control metamodel.  ...  In [2] , a framework was presented with the aim of aiding on the specification and analysis of access control policies, based on a metamodel for access control (CBAC) proposed by Barker in [5] , and  ... 
arXiv:1611.08547v1 fatcat:hmh3yh4gqrhqlmmg62ynagt57u

CatBAC: A generic framework for designing and validating hybrid access control models

Bernard Stepien, Hemanth Khambhammettu, Kamel Adi, Luigi Logrippo
2012 2012 IEEE International Conference on Communications (ICC)  
Many access control models have been proposed in the literature, and they have been extensively studied under the acronyms of DAC, MAC, RBAC, ABAC, etc.  ...  access control systems.  ...  We thank Nadera Slimani for her contribution to the previous work on UACML.  ... 
doi:10.1109/icc.2012.6364961 dblp:conf/icc/StepienKAL12 fatcat:shih6gsfd5eb3nw747gu3i4tuu

Automated analysis of rule-based access control policies

Clara Bertolissi, Worachet Uttha
2013 Proceedings of the 7th workshop on Programming languages meets program verification - PLPV '13  
In this paper we show how access control policies can be specified using a general metamodel whose operational semantics is based on term rewriting systems.  ...  The choice of the specification language aims at easing the verification task, since essential properties of access control (e.g. every request by an individual of accessing a resource always receives  ...  the general category-based access control metamodel M).  ... 
doi:10.1145/2428116.2428125 dblp:conf/plpv/BertolissiU13 fatcat:c4e2idrfuveojbypertuldfb7q

A model driven approach for the development of metadata editors, applicability to the annotation of geographic information resources

Javier Nogueras-Iso, Miguel Ángel Latre, Rubén Béjar, Pedro R. Muro-Medrano, F. Javier Zarazaga-Soria
2012 Data & Knowledge Engineering  
However, the diversity and heterogeneity of metadata standards have become a barrier for the generation of these metadata.  ...  Metadata are a key element for the development of information infrastructures because they facilitate the semantic description of contents and services.  ...  Based on this XML and SKOS-RDF encodings, Fig. 10 shows the design of a prototype implementation for a software library that is able to parse and render the graphical components of the edition forms  ... 
doi:10.1016/j.datak.2012.09.001 fatcat:douzfp3fkzfmnlnviolgks6ici

Tools for Cloud Accountability: A4Cloud Tutorial [chapter]

Carmen Fernandez-Gago, Vasilis Tountopoulos, Simone Fischer-Hübner, Rehab Alnemr, David Nuñez, Julio Angulo, Tobias Pulls, Theo Koulouris
2015 IFIP Advances in Information and Communication Technology  
Cloud computing is becoming a key IT infrastructure technology being adopted progressively by companies and users.  ...  In particular, we will review how metrics can aid the accountability process and some of the tools that the A4Cloud project will produce such as the Data Track Tool (DTT) and the Cloud Offering Advisory  ...  It is used for complementing the previous one, based on the analysis of relevant control frameworks.  ... 
doi:10.1007/978-3-319-18621-4_15 fatcat:6gdmarhrpbcyvmfxpxvg7mit7q

A Model Driven Reverse Engineering Framework for Extracting Business Rules Out of a Java Application [chapter]

Valerio Cosentino, Jordi Cabot, Patrick Albert, Philippe Bauquel, Jacques Perronnet
2012 Lecture Notes in Computer Science  
In most ISs implementation of business rules is scattered among the code so appropriate techniques must be provided for the discovery and evolution of evolving business rules.  ...  The use of modeling techniques facilitate the representation of the rules at a higher-abstraction level which enables stakeholders to understand and manipulate them.  ...  The computation ends when the temp list is empty. The variables in the classes of the output list are classified in three categories: single-access, multi-access and potentials.  ... 
doi:10.1007/978-3-642-32689-9_3 fatcat:3zfno27n7bdpzovpqjdfejr6ca

Model-Based Specification and Validation of Security and Dependability Patterns [chapter]

Brahim Hamid, Christian Percebois
2014 Lecture Notes in Computer Science  
In our work, we propose a modeling environment for pattern-based secure and dependable embedded system development by design.  ...  The contribution of this work is twofold. On the one hand, we use model-based techniques to capture a set of artifacts to specify patterns.  ...  For instance, a system domain has its own mechanisms and means to serve the implementation of this pattern using a set of protocols ranging from RBAC (Role Based Access Control), Firewall, ACLs (Access  ... 
doi:10.1007/978-3-319-05302-8_5 fatcat:kbibth73rbd2deomlxafztf3mu

Using formal metamodels to check consistency of functional views in information systems specification

Régine Laleau, Fiona Polack
2008 Information and Software Technology  
We use class diagrams to summarize the metamodel structure and a formal language, B, for the full metamodel.  ...  We use two views to specify IS transactions: the first one is defined as a combination of behavioural UML diagrams (collaboration and state diagrams), and the second one is based on the definition of specific  ...  In addition, for most IS applications, transactions are important for security control (access control, authentication, etc).  ... 
doi:10.1016/j.infsof.2007.10.007 fatcat:idvoslr5ujfxxmkga2wavnnfau

Modeling Enterprise Authorization: A Unified Metamodel and Initial Validation

Matus Korman, Robert Lagerström, Mathias Ekstedt
2016 Complex Systems Informatics and Modeling Quarterly  
of individual models of access control nowadays used, and in terms of providing a unified ontology capable of flexibly expressing access policies for all or the most of the models.  ...  This study summarizes a number of existing models of access control, proposes a unified metamodel mapped to ArchiMate, and illustrates its use on a selection of example scenarios and two business cases  ...  Acknowledgments This study has been financed by SweGrids, the Swedish Centre for Smart Grids and Energy Storage (  ... 
doi:10.7250/csimq.2016-7.01 fatcat:bv5kadtzerbojik5zlg2jatwj4

SecKit: A Model-based Security Toolkit for the Internet of Things

Ricardo Neisse, Gary Steri, Igor Nai Fovino, Gianmarco Baldini
2015 Computers & security  
Security Management Usage control Internet of Things Policy-based management Trust management a b s t r a c t The control and protection of user data is a very important aspect in the design and deployment  ...  In this paper we propose a Modelbased Security Toolkit, which is integrated in a management framework for IoT devices, and supports specification and efficient evaluation of security policies to enable  ...  Acknowledgment This work was supported by the EU (grant agreement no. 287708)-funded project Internet Connected Objects for Reconfigurable Ecosystem (iCore).  ... 
doi:10.1016/j.cose.2015.06.002 fatcat:7vy4m5w77ffgxhgsjfsdtfyfem

Constraint Validation Support in Visual Model Transformation Systems

László Lengyel, Tihamer Levendovszky, Hassan Charaf
2006 Acta Cybernetica  
The creation of model compliers on a metamodeling basis is illustrated by a software package called Visual Modeling and Transformation System (VMTS), which is an n-layer multipurpose modeling and metamodel-based  ...  preservation and general guarantee, which facilitate that if a transformation step is specified adequately with the help of constraints, and the step has been executed successfully for the input model  ...  The category theory framework provides more flexible and more general background, so the DPO approach can be applied to many graph-like categories.  ... 
dblp:journals/actaC/LengyelLC06 fatcat:lnl64ba22fa7hhw7e2dm2dgrke

Functional and structural properties in the Model-Driven Engineering approach

Daniela Cancila, Roberto Passerone
2008 2008 IEEE International Conference on Emerging Technologies and Factory Automation  
We adopt a methodological approach based on correctnessby-construction for modeling high-integrity real-time embedded systems.  ...  In this paper we discuss the separation between attributes on functionality and on structure following an approach based on Model Driven Engineering (MDE).  ...  Acknwolegments The research work from which this paper has originated was carried out in the ASSERT project (IST-FP6-  ... 
doi:10.1109/etfa.2008.4638491 dblp:conf/etfa/CancilaP08 fatcat:c6aln752h5ad5i464ry5yhcm3m

On requirements representation and reasoning using answer set programming

Julian Padget, Emad Eldeen Elakehal, Ken Satoh, Fuyuki Ishikawa
2014 2014 IEEE 1st International Workshop on Artificial Intelligence for Requirements Engineering (AIRE)  
The metamodel is the result of several years experience in the development of business systems for e-tailing, while InstAL and the runtime monitor is on-going research to support the specification, verification  ...  the notion of runtime requirements, (ii) a formal language for their representation and its supporting computational model (InstAL ), and (iii) a software architecture that enables monitoring of distributed  ...  A METAMODEL WITH INSTITUTIONS The positive experiences of using multiagent systems for business applications reported in the previous section led us to consider how to make the technology more accessible  ... 
doi:10.1109/aire.2014.6894854 dblp:conf/re/PadgetESI14 fatcat:2fk535up7fac7fvj2y2btitgfy
« Previous Showing results 1 — 15 out of 404 results