Abstract
The definition of access control concepts at the modeling level is an important prerequisite for the thorough implementation and enforcement of corresponding policies and constraints in a software system. In this paper, we present an approach to provide modeling support for the delegation of roles, tasks, and duties in the context of process-related RBAC models. The delegation model elements are integrated into a software engineering and business process context by providing UML2 modeling support for role-, task-, and duty-level delegation. The semantics of our UML extension are formally specified via OCL constraints.
Copyright information
© 2011 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Schefer, S., Strembeck, M. (2011). Modeling Support for Delegating Roles, Tasks, and Duties in a Process-Related RBAC Context. In: Salinesi, C., Pastor, O. (eds) Advanced Information Systems Engineering Workshops. CAiSE 2011. Lecture Notes in Business Information Processing, vol 83. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-22056-2_67
DOI: https://doi.org/10.1007/978-3-642-22056-2_67
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-22055-5
Online ISBN: 978-3-642-22056-2
eBook Packages: Computer Science, Computer Science (R0)