Role-based authorization constraints specification using Object Constraint Language

Gail-Joon Ahn; M. E. Shin

doi:10.1109/ENABL.2001.953406

Role-based authorization constraints specification using Object Constraint Language

Gail-Joon Ahn, M. E. Shin

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

58 Scopus citations

Abstract

The purpose of access control is to limit the actions on a computer system that a legitimate user can perform. Role-based access control (RBAC) has generated great interest in the security community as a flexible approach in access control. An important aspect of RBAC is constraints that constrain what components in RBAC are allowed to do. Although researchers have identified useful constraints using formal specification languages such as RCL2000, there still exists a demand to have constraint specification languages for system developers who are working on secure systems development. The authors discuss another approach to specifying constraints using a de facto constraint specification language in the software engineering arena. We use a declarative language, Object Constraint Language (OCL) that is part of the Unified Modeling Language (UML) and has been used in object oriented analysis and design. We describe how to specify previously identified role-based authorization constraints, and the future direction of this work is also addressed.

Original language	English (US)
Title of host publication	Proceedings of the Workshop on Enabling Technologies: Infrastructure for Collaborative Enterprises, WETICE
Publisher	IEEE Computer Society
Pages	157-162
Number of pages	6
Volume	2001-January
ISBN (Print)	0769512690
DOIs	https://doi.org/10.1109/ENABL.2001.953406
State	Published - 2001
Externally published	Yes
Event	10th IEEE International Workshop on Enabling Technologies: Infrastructure for Collaborative Enterprises, WET ICE 2001 - Cambridge, United States Duration: Jun 20 2001 → Jun 22 2001

Other

Other	10th IEEE International Workshop on Enabling Technologies: Infrastructure for Collaborative Enterprises, WET ICE 2001
Country/Territory	United States
City	Cambridge
Period	6/20/01 → 6/22/01

Keywords

Access control
Authorization
Formal languages
Natural languages
Object oriented modeling
Permission
Security
Software engineering
Specification languages
Unified modeling language

ASJC Scopus subject areas

Hardware and Architecture
Software

Access to Document

10.1109/ENABL.2001.953406

Cite this

Role-based authorization constraints specification using Object Constraint Language. / Ahn, Gail-Joon; Shin, M. E.
Proceedings of the Workshop on Enabling Technologies: Infrastructure for Collaborative Enterprises, WETICE. Vol. 2001-January IEEE Computer Society, 2001. p. 157-162 953406.

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

Ahn, G-J & Shin, ME 2001, Role-based authorization constraints specification using Object Constraint Language. in Proceedings of the Workshop on Enabling Technologies: Infrastructure for Collaborative Enterprises, WETICE. vol. 2001-January, 953406, IEEE Computer Society, pp. 157-162, 10th IEEE International Workshop on Enabling Technologies: Infrastructure for Collaborative Enterprises, WET ICE 2001, Cambridge, United States, 6/20/01. https://doi.org/10.1109/ENABL.2001.953406

@inproceedings{aca220ea0a254080a6cea203e17c8799,

title = "Role-based authorization constraints specification using Object Constraint Language",

abstract = "The purpose of access control is to limit the actions on a computer system that a legitimate user can perform. Role-based access control (RBAC) has generated great interest in the security community as a flexible approach in access control. An important aspect of RBAC is constraints that constrain what components in RBAC are allowed to do. Although researchers have identified useful constraints using formal specification languages such as RCL2000, there still exists a demand to have constraint specification languages for system developers who are working on secure systems development. The authors discuss another approach to specifying constraints using a de facto constraint specification language in the software engineering arena. We use a declarative language, Object Constraint Language (OCL) that is part of the Unified Modeling Language (UML) and has been used in object oriented analysis and design. We describe how to specify previously identified role-based authorization constraints, and the future direction of this work is also addressed.",

keywords = "Access control, Authorization, Formal languages, Natural languages, Object oriented modeling, Permission, Security, Software engineering, Specification languages, Unified modeling language",

author = "Gail-Joon Ahn and Shin, {M. E.}",

year = "2001",

doi = "10.1109/ENABL.2001.953406",

language = "English (US)",

isbn = "0769512690",

volume = "2001-January",

pages = "157--162",

booktitle = "Proceedings of the Workshop on Enabling Technologies: Infrastructure for Collaborative Enterprises, WETICE",

publisher = "IEEE Computer Society",

note = "10th IEEE International Workshop on Enabling Technologies: Infrastructure for Collaborative Enterprises, WET ICE 2001 ; Conference date: 20-06-2001 Through 22-06-2001",

}

TY - GEN

T1 - Role-based authorization constraints specification using Object Constraint Language

AU - Ahn, Gail-Joon

AU - Shin, M. E.

PY - 2001

Y1 - 2001

N2 - The purpose of access control is to limit the actions on a computer system that a legitimate user can perform. Role-based access control (RBAC) has generated great interest in the security community as a flexible approach in access control. An important aspect of RBAC is constraints that constrain what components in RBAC are allowed to do. Although researchers have identified useful constraints using formal specification languages such as RCL2000, there still exists a demand to have constraint specification languages for system developers who are working on secure systems development. The authors discuss another approach to specifying constraints using a de facto constraint specification language in the software engineering arena. We use a declarative language, Object Constraint Language (OCL) that is part of the Unified Modeling Language (UML) and has been used in object oriented analysis and design. We describe how to specify previously identified role-based authorization constraints, and the future direction of this work is also addressed.

AB - The purpose of access control is to limit the actions on a computer system that a legitimate user can perform. Role-based access control (RBAC) has generated great interest in the security community as a flexible approach in access control. An important aspect of RBAC is constraints that constrain what components in RBAC are allowed to do. Although researchers have identified useful constraints using formal specification languages such as RCL2000, there still exists a demand to have constraint specification languages for system developers who are working on secure systems development. The authors discuss another approach to specifying constraints using a de facto constraint specification language in the software engineering arena. We use a declarative language, Object Constraint Language (OCL) that is part of the Unified Modeling Language (UML) and has been used in object oriented analysis and design. We describe how to specify previously identified role-based authorization constraints, and the future direction of this work is also addressed.

KW - Access control

KW - Authorization

KW - Formal languages

KW - Natural languages

KW - Object oriented modeling

KW - Permission

KW - Security

KW - Software engineering

KW - Specification languages

KW - Unified modeling language

UR - http://www.scopus.com/inward/record.url?scp=84950281940&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=84950281940&partnerID=8YFLogxK

U2 - 10.1109/ENABL.2001.953406

DO - 10.1109/ENABL.2001.953406

M3 - Conference contribution

AN - SCOPUS:84950281940

SN - 0769512690

VL - 2001-January

SP - 157

EP - 162

BT - Proceedings of the Workshop on Enabling Technologies: Infrastructure for Collaborative Enterprises, WETICE

PB - IEEE Computer Society

T2 - 10th IEEE International Workshop on Enabling Technologies: Infrastructure for Collaborative Enterprises, WET ICE 2001

Y2 - 20 June 2001 through 22 June 2001

ER -

Role-based authorization constraints specification using Object Constraint Language

Abstract

Other

Keywords

ASJC Scopus subject areas

Access to Document

Other files and links

Fingerprint

Cite this