Model driven security: unification of authorization models for fine-grain access control

The research vision of the Unified Component Meta Model Framework (Uniframe) is to develop infrastructure for components that enables a plug and play component environment where the security contracts are a part of the component description and the security aware middleware is generated by the compo...

Full description

Saved in:
Bibliographic Details
Main Authors: Burt, C.C., Bryant, B.R., Raje, R.R., Olson, A., Auguston, M.
Format: Conference Proceeding
Language:English
Subjects:
Access control
Authorization
Business communication
Collaborative software
Contracts
IEC standards
ISO standards
Middleware
Quality of service
Security
Online Access:Request full text
Tags: Add Tag
No Tags, Be the first to tag this record!
Description
Summary:The research vision of the Unified Component Meta Model Framework (Uniframe) is to develop infrastructure for components that enables a plug and play component environment where the security contracts are a part of the component description and the security aware middleware is generated by the component integration toolkits. That is, the component providers will define security contracts in addition to the functional contracts. These security contracts will be used to analyze the ability of a service to meet the security constraints when used in a composition of components. A difficulty in progressing the security related aspects of this infrastructure is the lack of a unified access control model that can be leveraged to identify protected resources and access control points at the model level. Existing component technologies utilize various mechanisms for specifying security constraints. This paper will explore issues related to expressing access control requirements of components and the resources they manage. It proposes a platform independent model (PIM) for the access control that can be leveraged to parameterize domain models. It also outlines the analysis necessary to progress a standard transformation from this PIM to three existing platform specific models (PSMs).
DOI:10.1109/EDOC.2003.1233846