Toward a Model-driven Access-control Enforcement Mechanism for Pervasive Systems

Olivier-Nathanaël Ben David; Benoit Baudry

Network of Excellence on Engineering Secure Future Internet Software Services and Systems

Home

Publications

Toward a Model-driven Access-control Enforcement Mechanism for Pervasive Systems

BibTex:
Research Area:	Uncategorized	Year:	2012
Type of Publication:	In Proceedings	Keywords:	MDE
Authors:	David, Olivier-Nathanaël Ben Baudry, Benoit

Book title:	1st Model-Driven Security Workshop (MDSEC)

Address:	Innsbruck, Austria



@conference{bendavid12, author = "Olivier-Nathana{\"e}l Ben David and Benoit Baudry", abstract = "Pervasive systems typically involve heterogeneous users, devices and networks to provide services seamlessly interacting with the physical world. In order to be flexible, these systems must be both dynamically adaptive to handle and still open to the ability of receiving new elements. Characteristics of these systems can have a major impact on the enforcement of role-based access control policies. Enforcement mechanism for RBAC policies need to be tailored to distributed and adaptive software architectures. It must be capable of handling architectural changes (e.g., a resource hosted by a node is moved to another node) in order to maintain the enforced policy. In this paper we describe an approach of policy enforcement that leverages on a mapping between RBAC and a component-based architecture to reason on architectural changes and maintain the enforced policy. Models@runtime paradigm provides elementary bricks to reason on adaptive architecture. Relying on it and on runtime adaptation and monitoring mechanisms we propose a design for a model-driven RBAC enforcement mechanism.", address = "Innsbruck, Austria", booktitle = "1st Model-Driven Security Workshop (MDSEC)", keywords = "MDE", note = "partners: INRIA; projects: Nessos; TIER: NoTier; citation: 0", title = "{T}oward a {M}odel-driven {A}ccess-control {E}nforcement {M}echanism for {P}ervasive {S}ystems", year = "2012", }
Note:	partners: INRIA; projects: Nessos; TIER: NoTier; citation: 0
Abstract:	Pervasive systems typically involve heterogeneous users, devices and networks to provide services seamlessly interacting with the physical world. In order to be flexible, these systems must be both dynamically adaptive to handle and still open to the ability of receiving new elements. Characteristics of these systems can have a major impact on the enforcement of role-based access control policies. Enforcement mechanism for RBAC policies need to be tailored to distributed and adaptive software architectures. It must be capable of handling architectural changes (e.g., a resource hosted by a node is moved to another node) in order to maintain the enforced policy. In this paper we describe an approach of policy enforcement that leverages on a mapping between RBAC and a component-based architecture to reason on architectural changes and maintain the enforced policy. Models@runtime paradigm provides elementary bricks to reason on adaptive architecture. Relying on it and on runtime adaptation and monitoring mechanisms we propose a design for a model-driven RBAC enforcement mechanism.
[Bibtex]

[ Back ]

Network of Excellence on Engineering Secure Future Internet Software Services and Systems

Surveys

Main Menu

Toward a Model-driven Access-control Enforcement Mechanism for Pervasive Systems