Role-Based Access Control Using Knowledge Acquisition in Automated Specification
Name
Olgun Cakabey
Abstract
Security is considered to be an aspect of information systems. Role-based access control (RBAC) is an approach to restricting system access to authorized users in information systems. Existing security modeling languages and/or approaches address the security of the IS, however existing languages or approaches do not necessarily conforms to the needs of RBAC. There are several modeling languages (e.g. SecureUML, UMLSec, etc.) to represent RBAC but they are not interoperable and it is not easy to compare one with another. Each modeling language represents different perspectives on information systems. Besides, there is a need to merge design and requirement stages in order to discover system security concerns and analyze related security trade-offs at the earlier stages. Knowledge acquisition in automated specification (KAOS) is a goal oriented requirement engineering approach to elicit software requirements. In this point, KAOS will be a key solution in order to combine requirements with design principles.
In this thesis, we will analyze KAOS to apply RBAC. More specifically, we will apply a systematic approach to understand how KAOS can be used to apply RBAC. Our research work will be based on the transformation rules between KAOS-SecureUML and KAOS-UMLSec, and vice versa. Moreover, through these transformations we will show how we aligned KAOS to RBAC.
The contribution of this research has several benefits. Firstly, it will potentially help to understand how KAOS could deal with RBAC. Secondly it will define the approach to elicit security requirements for RBAC at early stages of the IS development. This will apply our results in a case study to measure the correctness of the defined approach. Thirdly, the transformations from/to the KAOS would help IS developers and the other system stakeholders (e.g. system analysts, system administrators, etc.) to understand how important these security approaches (KAOS, SecureUML and UMLSec) are and which one has more advantages/disadvantages. We plan to validate our results for transformation rules and the models regarding their correctness that will be measured. Last but not least, we will be able to justify the design stage with requirement stage.
Graduation Thesis language
English
Graduation Thesis type
Master - Software Engineering
Supervisor(s)
Raimundas Matulevičius
Defence year
2012