Salim Chehida, Akram Idani, Y. Ledru, M. K. Rahmouni
{"title":"结合UML和B来规范和验证业务流程活动中的RBAC策略","authors":"Salim Chehida, Akram Idani, Y. Ledru, M. K. Rahmouni","doi":"10.1109/RCIS.2016.7549284","DOIUrl":null,"url":null,"abstract":"Integrating access control into business processes is a non-trivial task. This paper presents an approach that combines the UML and B languages for the specification and validation of RBAC policies at the process level. It starts by modeling the access control rules using our extension of UML2 activity diagrams denominated as BAAC@UML (Business Activity Access Control with UML). The BAAC@UML models are then translated into a specification in the B language using our B4MSecure platform. Finally, the last step validates the RBAC policy by testing its formal specification using the B tools (Provers and Animators).","PeriodicalId":344289,"journal":{"name":"2016 IEEE Tenth International Conference on Research Challenges in Information Science (RCIS)","volume":"101 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2016-06-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"2","resultStr":"{\"title\":\"Combining UML and B for the specification and validation of RBAC policies in business process activities\",\"authors\":\"Salim Chehida, Akram Idani, Y. Ledru, M. K. Rahmouni\",\"doi\":\"10.1109/RCIS.2016.7549284\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Integrating access control into business processes is a non-trivial task. This paper presents an approach that combines the UML and B languages for the specification and validation of RBAC policies at the process level. It starts by modeling the access control rules using our extension of UML2 activity diagrams denominated as BAAC@UML (Business Activity Access Control with UML). The BAAC@UML models are then translated into a specification in the B language using our B4MSecure platform. Finally, the last step validates the RBAC policy by testing its formal specification using the B tools (Provers and Animators).\",\"PeriodicalId\":344289,\"journal\":{\"name\":\"2016 IEEE Tenth International Conference on Research Challenges in Information Science (RCIS)\",\"volume\":\"101 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2016-06-01\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"2\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2016 IEEE Tenth International Conference on Research Challenges in Information Science (RCIS)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/RCIS.2016.7549284\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2016 IEEE Tenth International Conference on Research Challenges in Information Science (RCIS)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/RCIS.2016.7549284","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Combining UML and B for the specification and validation of RBAC policies in business process activities
Integrating access control into business processes is a non-trivial task. This paper presents an approach that combines the UML and B languages for the specification and validation of RBAC policies at the process level. It starts by modeling the access control rules using our extension of UML2 activity diagrams denominated as BAAC@UML (Business Activity Access Control with UML). The BAAC@UML models are then translated into a specification in the B language using our B4MSecure platform. Finally, the last step validates the RBAC policy by testing its formal specification using the B tools (Provers and Animators).
京公网安备 11010802042870号
京ICP备2023020795号-1
分享
求助内容:
应助结果提醒方式:
扫码关注我们
