Home Publications

Toward a Model-driven Access-control Enforcement Mechanism for Pervasive Systems

Research Area: Uncategorized Year: 2012
Type of Publication: In Proceedings Keywords: MDE
  • David, Olivier-Nathanaël Ben
  • Baudry, Benoit
Book title: 1st Model-Driven Security Workshop (MDSEC)
Address: Innsbruck, Austria
partners: INRIA; projects: Nessos; TIER: NoTier; citation: 0
Pervasive systems typically involve heterogeneous users, devices and networks to provide services seamlessly interacting with the physical world. In order to be flexible, these systems must be both dynamically adaptive to handle and still open to the ability of receiving new elements. Characteristics of these systems can have a major impact on the enforcement of role-based access control policies. Enforcement mechanism for RBAC policies need to be tailored to distributed and adaptive software architectures. It must be capable of handling architectural changes (e.g., a resource hosted by a node is moved to another node) in order to maintain the enforced policy. In this paper we describe an approach of policy enforcement that leverages on a mapping between RBAC and a component-based architecture to reason on architectural changes and maintain the enforced policy. Models@runtime paradigm provides elementary bricks to reason on adaptive architecture. Relying on it and on runtime adaptation and monitoring mechanisms we propose a design for a model-driven RBAC enforcement mechanism.