An Access Control Model for the Uniframe Framework
Abstract
Component-based software development, while offering a potential solution for the creation of complex distributed systems, requires a framework for specifying component properties such that the behaviors of a system may be analyzed before composition and verified during operation With much energy expended on verifying security properties of software systems, a means of composing a system's security characteristics from the properties of individual components would aid in the creation of more secure systems In this thesis, a framework for characterizing the access control properties of distributed software components along with a compositional model for predicting system characteristics are presented The proposed framework will address the following issues: a) development of a means of specifying access control properties for individual components and integrated systems, b) extension of the UniFrame Resource Discovery Service to facilitate searching for components with required access control properties, and c) the creation of composition models for predicting the system behavior with respect to access control properties and access control policies. Component and system specifications are based on logic programming and Temporal Logic of Action in order to provide a means for model-checking and verification A simple student information system case study is used as the context for describing and testing this access control framework.
Document Details
- Document Type
- Technical Report
- Publication Date
- May 01, 2005
- Accession Number
- ADA492318
Entities
People
- Alexander M. Crespi