Gesellschaft fr Informatik e.V.

Lecture Notes in Informatics

SICHERHEIT 2005, Sicherheit - Schutz und Zuverlässigkeit, Beiträge der 2. Jahrestagung des Fachbereichs Sicherheit der Gesellschaft für Informatik e.V. (GI), 5.-8. April 2005 in Regensburg. GI 2005 P-62, 273-284 (2005).

GI, Gesellschaft für Informatik, Bonn


Hannes Federrath (ed.)

Copyright © GI, Gesellschaft für Informatik, Bonn


Model-driven development of access control aspects

M. Koch and K. Pauls


In distributed system development security is a major design criteria. Se- curity and more specific access-control can be seen as an aspect in terms of Aspectoriented Programming. We present a Model Driven Development (MDD) approach to the development of access control aspects which permits their generation from UML models. The contribution of this paper is threefold. First, we present the integration of access control requirements into the software development process. Second, we introduce an access control specification language for distributed systems that is capable to express the access control aspect of a system. Third, we define an interceptor-based approach for the integration of aspects into the application logic during runtime instead of code weaving. Applying our technique to the design process of a distributed system allows to generate the access control aspects of the system in an specification language that subsequently can be enforced by an interceptor enabled platform.

Full Text: PDF

GI, Gesellschaft für Informatik, Bonn
ISBN 3-88579-391-1

Last changed 24.01.2012 21:48:57