MODEL-DRIVEN ENGINEERING OF FUNCTIONAL SECURITY POLICIES

Michel Embe Jiague, Marc Frappier, Frédéric Gervais, Pierre Konopacki, Régine Laleau, Jérémy Milhau, Richard St-Denis

Abstract

This paper describes an ongoing project on the specification and automatic implementation of functional security policies. We advocate a clear separation between functional behavior and functional security requirements. We propose a formal language to specify functional security policies. We are developing techniques by which a formal functional security policy can be automatically implemented. Hence, our approach is highly inspired from model-driven engineering. Furthermore, our formal language will enabled us to use model checking techniques to verify that a security policy satisfies desired properties.

References

  1. Amstel, M. F. V., van den Brand, M. G. J., Proti, Z., and Verhoeff, T. (2008). Transforming process algebra models into UML state machines: Bridging a semantic gap? In Theory and Practice of Model Transformations, volume 5063 of Lecture Notes in Computer Science, pages 61-75. Springer Berlin / Heidelberg.
  2. Bhatti, R., Sanz, D., Bertino, E., and Ghafoor, A. (2007). A policy-based authorization framework for web services: Integrating xgtrbac and ws-policy. In Web Services, 2007. ICWS 2007. IEEE International Conference on, pages 447 -454.
  3. Chirichiello, A. and Salaün, G. (2007). Encoding process algebraic descriptions of web services into bpel. Web Intelli. and Agent Sys., 5(4):419-434.
  4. Ferraiolo, D., Kuhn, D., and Chandramouli, R. (2003). Role-based access control. Artech House Publishers.
  5. Fraikin, B. and Frappier, M. (2002). EB3PAI: an Interpreter for the EB3 Specification Language. In Haneberg, D., Schellhorn, G., and Reif, W., editors, 5th Workshop on Tools for System Design and Verification (FM-TOOLS 2002), proceedings, Reisensburg Castle, Günzburg, Germany.
  6. Fraikin, B. and Frappier, M. (2009). Efficient symbolic computation of process expressions. Science of Computer Programming, 74(9):723 - 753. Special Issue on the Fifth International Workshop on Foundations of Coordination Languages and Software Architectures (FOCLASA'06).
  7. Frappier, M., Gervais, F., Laleau, R., Fraikin, B., and StDenis, R. (2008). Extending statecharts with process algebra operators. Innovations in Systems and Software Engineering, 4(3):285-292.
  8. Frappier, M. and St-Denis, R. (2003). EB3: an entity-based black-box specification method for information systems. Software and Systems Modeling, 2(2):134-149.
  9. ICTI (2010). Carnegie mellon | portugal program. interfaces - certified interfaces for integrity and security in extensible web-based applications. http://www.cmuportugal.org/tiercontent.aspx?id= 1564&ekmensel=568fab5c 68 0 1564 6.
  10. Joshi, J., Bertino, E., Latif, U., and Ghafoor, A. (2005). A generalized temporal role-based access control model. Knowledge and Data Engineering, IEEE Transactions on, 17(1):4 - 23.
  11. Kalam, A. A. E., Benferhat, S., Miège, A., Baida, R. E., Cuppens, F., Saurel, C., Balbiani, P., Deswarte, Y., and Trouessin, G. (2003). Organization based access control. Policies for Distributed Systems and Networks, IEEE International Workshop on, 0:120.
  12. Meinel, C. (2009). Soa - security. hasso-plattner-institut für softwaresystemtechnik. http://www.hpi.unipotsdam.de/meinel/research/security engineering/ soasecurity1.html.
  13. ORKA (2009). The orka consortium. germany. http:// www.organisatorische-kontrolle.de/index-en.htm.
  14. SELKIS (2009). Project anr-08-segi-018. france. http:// lacl.fr/selkis/.
Download


Paper Citation


in Harvard Style

Embe Jiague M., Frappier M., Gervais F., Konopacki P., Laleau R., Milhau J. and St-Denis R. (2010). MODEL-DRIVEN ENGINEERING OF FUNCTIONAL SECURITY POLICIES . In Proceedings of the 12th International Conference on Enterprise Information Systems - Volume 3: ICEIS, ISBN 978-989-8425-06-5, pages 374-379. DOI: 10.5220/0003019403740379


in Bibtex Style

@conference{iceis10,
author={Michel Embe Jiague and Marc Frappier and Frédéric Gervais and Pierre Konopacki and Régine Laleau and Jérémy Milhau and Richard St-Denis},
title={MODEL-DRIVEN ENGINEERING OF FUNCTIONAL SECURITY POLICIES},
booktitle={Proceedings of the 12th International Conference on Enterprise Information Systems - Volume 3: ICEIS,},
year={2010},
pages={374-379},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0003019403740379},
isbn={978-989-8425-06-5},
}


in EndNote Style

TY - CONF
JO - Proceedings of the 12th International Conference on Enterprise Information Systems - Volume 3: ICEIS,
TI - MODEL-DRIVEN ENGINEERING OF FUNCTIONAL SECURITY POLICIES
SN - 978-989-8425-06-5
AU - Embe Jiague M.
AU - Frappier M.
AU - Gervais F.
AU - Konopacki P.
AU - Laleau R.
AU - Milhau J.
AU - St-Denis R.
PY - 2010
SP - 374
EP - 379
DO - 10.5220/0003019403740379