Challenges in Model-Based Evolution and Merging of Access Control Policies
| Title | Challenges in Model-Based Evolution and Merging of Access Control Policies |
| Publication Type | Conference Paper |
| Year of Publication | 2011 |
| Authors | Montrieux, L., M. Wermelinger, and Y. Yu |
| Conference Name | Joint 12th International Workshop on Principles on Software Evolution and 7th ERCIM Workshop on Software Evolution |
| Keywords | Access control, Evolution, incremental verification, merging, model, OCL, RBAC, Security, UML, verification |
| Abstract | Access Control plays a crucial part in software security, as it is responsible for making sure that users have access to the resources they need while being forbidden from accessing resources they do not need. Access control models such as Role-Based Access Control have been developed to help system administrators deal with the increasing complexity of the rules that determine whether or not a particular user should access a particular resource. These rules, as well as the users and their needs, are likely to evolve over time. In some cases, it may even be necessary to merge several access control configurations into a single one. In this position paper, we review existing research in model-based software evolution and merging, and argue the need for a specific approach for access control in order to take its specific requirements into account. |
| Notes | ISBN: 978-1-4503-0848-9 Pages: 116-120 |
| URL | http://oro.open.ac.uk/29084/ |
- Login to post comments
- XML
- BibTex
- Google Scholar
