An aspect-based approach to modeling access control policies
| dc.contributor.author | Song, Eunjee, author | |
| dc.contributor.author | France, Robert B., advisor | |
| dc.contributor.author | Ray, Indrakshi, advisor | |
| dc.contributor.author | Bieman, James M., committee member | |
| dc.contributor.author | Ghosh, Sudipto, committee member | |
| dc.contributor.author | Kim, Joon K., committee member | |
| dc.date.accessioned | 2007-01-03T04:43:06Z | |
| dc.date.available | 2007-01-03T04:43:06Z | |
| dc.date.issued | 2007 | |
| dc.description | Department Head: L. Darrell Whitley. | |
| dc.description.abstract | Access control policies determine how sensitive information and computing resources are to be protected. Enforcing these policies in a system design typically results in access control features that crosscut the dominant structure of the design (that is, features that are spread across and intertwined with other features in the design). The spreading and intertwining of access control features make it difficult to understand, analyze, and change them and thus complicate the task of ensuring that an evolving design continues to enforce access control policies. Researchers have advocated the use of aspect-oriented modeling (AOM) techniques for addressing the problem of evolving crosscutting features. This dissertation proposes an approach to modeling and analyzing crosscutting access control features. The approach utilizes AOM techniques to isolate crosscutting access control features as patterns described by aspect models. Incorporating an access control feature into a design involves embedding instantiated forms of the access control pattern into the design model. When composing instantiated access control patterns with a design model, one needs to ensure that the resulting composed model enforces access control policies. The approach includes a technique to verify that specified policies are enforced in the composed model. The approach is illustrated using two well-known access control models: the Role- Based Access Control (RBAC) model and the Bell-LaPadula (BLP) model. Features that enforce RBAC and BLP models are described by aspect models. We show how the aspect models can be composed to create a new hybrid access control aspect model. We also show how one can verify that composition of a base (primary) design model and an aspect model that enforces specified policies produces a composed model in which the policies are still enforced. | |
| dc.format.medium | doctoral dissertations | |
| dc.identifier | 2007_spring_Song_COMS.pdf | |
| dc.identifier | ETDF2007100002COMS | |
| dc.identifier.uri | http://hdl.handle.net/10217/26810 | |
| dc.language | English | |
| dc.language.iso | eng | |
| dc.publisher | Colorado State University. Libraries | |
| dc.relation | Catalog record number (MMS ID): 991024091029703361 | |
| dc.relation | QA76.64.S66 2007 | |
| dc.relation.ispartof | 2000-2019 | |
| dc.rights | Copyright and other restrictions may apply. User is responsible for compliance with all applicable laws. For information about copyright law, please see https://libguides.colostate.edu/copyright. | |
| dc.title | An aspect-based approach to modeling access control policies | |
| dc.type | Text | |
| dcterms.rights.dpla | This Item is protected by copyright and/or related rights (https://rightsstatements.org/vocab/InC/1.0/). You are free to use this Item in any way that is permitted by the copyright and related rights legislation that applies to your use. For other uses you need to obtain permission from the rights-holder(s). | |
| thesis.degree.discipline | Computer Science | |
| thesis.degree.grantor | Colorado State University | |
| thesis.degree.level | Doctoral | |
| thesis.degree.name | Doctor of Philosophy (Ph.D.) |
Files
Original bundle
1 - 1 of 1
Loading...
- Name:
- 2007_spring_Song_COMS.pdf
- Size:
- 752.65 KB
- Format:
- Adobe Portable Document Format
- Description: