Internet Archive Scholar

Constructing Authorization Systems Using Assurance Management Framework

Hongxin Hu, Gail-Joon Ahn
2010 IEEE Transactions on Systems Man and Cybernetics Part C (Applications and Reviews)  

Preserved Fulltext

fulltext thumbnail
Web Archive Capture PDF (408.4 kB)
https://web.archive.org/web/20151022005624/http://people.cs.clemson.edu/~hongxih/papers/TSMCC10.pdf

A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2015; you can also visit the original URL. The file type is application/pdf.

Model-driven approach has recently received much attention in developing secure software and systems. In addition, software developers have attempted to employ such an emerging approach in the early stage of software development life cycle. However, security concerns are rarely considered and practiced due to the lack of appropriate systematic mechanisms and tools. In this paper, we introduce a multilayered software development life cycle (SDLC), which is based on an assurance management
more » ... rk (AMF), focusing on the development of authorization systems. AMF facilitates comprehensive realization of formal security model, security policy specification and verification, generation of security enforcement codes, and rigorous conformance testing. We also articulate our experience in analyzing role-based authorization requirements and realizing those requirements in constructing a role-based authorization system. Index Terms-Authorization, model-driven approach, role based, unified modeling language (UML).
doi:10.1109/tsmcc.2010.2047856 fatcat:is4bc7uldjbnnmqvsqwnmhwjoy
Citation

Hongxin Hu, Gail-Joon Ahn. "Constructing Authorization Systems Using Assurance Management Framework." IEEE Transactions on Systems Man and Cybernetics Part C (Applications and Reviews) 40.4 (2010) 396-405