Leveraging UML for Security Engineering and Enforcement in a Collaboration on Duty and Adaptive Workflow Model That Extends NIST RBAC

Abstract : To facilitate collaboration in the patient-centered medical home (PCMH), our prior work extended the NIST role-based access control (RBAC) model to yield a formal collaboration on duty and adaptive workflow (COD/AWF) model. The next logical step is to place this work into the context of an integrated software process for security engineering from design through enforcement. Towards this goal, we promote a secure software engineering process that leverages an extended unified modeling language (UML) to visualize COD/AWF policies to achieve a solution that separates concerns while still providing the means to securely engineer dynamic collaborations for applications such as the PCMH. Once defined, these collaboration UML diagrams can be utilized to generate the corresponding aspect oriented policy code upon which the enforcement mechanism can be applied to at runtime.
Type de document :
Communication dans un congrès
Yingjiu Li. 23th Data and Applications Security (DBSec), Jul 2011, Richmond, VA, United States. Springer, Lecture Notes in Computer Science, LNCS-6818, pp.293-300, 2011, Data and Applications Security and Privacy XXV. 〈10.1007/978-3-642-22348-8_25〉
Liste complète des métadonnées

Littérature citée [14 références]  Voir  Masquer  Télécharger

https://hal.inria.fr/hal-01586593
Contributeur : Hal Ifip <>
Soumis le : mercredi 13 septembre 2017 - 08:56:11
Dernière modification le : mercredi 13 septembre 2017 - 14:28:18
Document(s) archivé(s) le : jeudi 14 décembre 2017 - 13:03:05

Fichier

978-3-642-22348-8_25_Chapter.p...
Fichiers produits par l'(les) auteur(s)

Licence


Distributed under a Creative Commons Paternité 4.0 International License

Identifiants

Citation

Solomon Berhe, Steven Demurjian, Swapna Gokhale, Jaime Pavlich-Mariscal, Rishi Saripalle. Leveraging UML for Security Engineering and Enforcement in a Collaboration on Duty and Adaptive Workflow Model That Extends NIST RBAC. Yingjiu Li. 23th Data and Applications Security (DBSec), Jul 2011, Richmond, VA, United States. Springer, Lecture Notes in Computer Science, LNCS-6818, pp.293-300, 2011, Data and Applications Security and Privacy XXV. 〈10.1007/978-3-642-22348-8_25〉. 〈hal-01586593〉

Partager

Métriques

Consultations de la notice

26

Téléchargements de fichiers

10