Skip to main content
SpringerLink
Log in

A Framework for Composable Security Definition, Assurance, and Enforcement

  • Conference paper
Satellite Events at the MoDELS 2005 Conference (MODELS 2005)

Part of the book series: Lecture Notes in Computer Science ((LNPSE,volume 3844))

Abstract

The objective of this research is to develop techniques that integrate alternative security concerns (e.g., mandatory access control, delegation, authentication, etc.) into the software process. A framework is proposed to achieve composable security definition, assurance, and enforcement via a model-driven framework that preserves separation of security concerns from modeling through implementation, and provides mechanisms to compose these concerns into the application, while maintaining consistency between design models and code. At modeling-time, separation of concerns (e.g., RBAC, MAC, delegation, authorization, etc.) is emphasized by defining concern-specific modeling languages. At the implementation-level, aspect-oriented programming (AOP) transitions security concerns into modularized code that enforces each concern. This research assumes the use of an underlying object-oriented language with aspect-oriented extensions, and infrastructure to implement the applications and support secure access to the public methods of classes, e.g., Java with AspectJ or C++ with AspectC++.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 39.99
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

References

  1. Basin, D., Doser, J., Lodderstedt, T.: Model driven security, Engineering Theories of Software Intensive Systems (2004)

    Google Scholar 

  2. Pavlich-Mariscal, J.A., Doan, T., Michel, L., Demurjian, S.A., Ting, T.C.: Role Slices: A Notation for RBAC Permission Assignment and Enforcement. In: Proceedings of 19th Annual IFIP WG 11.3 Working Conference on Data and Applications Security (2005)

    Google Scholar 

  3. Pavlich-Mariscal, J.A., Michel, L., Demurjian, S.A.: A Formal Enforcement Framework for Role-Based Access Control using Aspect-Oriented Programming. In: Briand, L., Williams, C. (eds.) ACM/IEEE 8th International Conference on Model Driven Engineering Languages and Systems, Montego Bay, Jamaica (2005)

    Google Scholar 

  4. Song, E., Reddy, R., France, R., Ray, I., Georg, G., Alexander, R.: Verifiable composition of access control features and applications. In: Proceedings of 10th ACM Symposium on Access Control Models and Technologies, SACMAT 2005 (2005)

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Department of Computer Science & Engineering, The University of Connecticut, Unit-2155, 371 Fairfield Road, Storrs, CT, 06269 2155

    J. A. Pavlich-Mariscal, S. A. Demurjian & L. D. Michel

Authors
  1. J. A. Pavlich-Mariscal
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. S. A. Demurjian
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. L. D. Michel
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. Département Informatique, Université de Pau et des Pays de l’Adour, Av. de l’Université, B.P. 1155, 64013, Pau, France

    Jean-Michel Bruel

Rights and permissions

Reprints and permissions

Copyright information

© 2006 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Pavlich-Mariscal, J.A., Demurjian, S.A., Michel, L.D. (2006). A Framework for Composable Security Definition, Assurance, and Enforcement. In: Bruel, JM. (eds) Satellite Events at the MoDELS 2005 Conference. MODELS 2005. Lecture Notes in Computer Science, vol 3844. Springer, Berlin, Heidelberg. https://doi.org/10.1007/11663430_41

Download citation

  • DOI: https://doi.org/10.1007/11663430_41

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-540-31780-7

  • Online ISBN: 978-3-540-31781-4

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation