Modularity and Dynamic Adaptation of Flexibly Secure Systems: Model-Driven Adaptive Delegation in Access Control Management
Abstract. Model-Driven Security (Mds) is a specialized Model-Driven Engineering (Mde) approach for supporting the development of secure systems. Model-Driven Security aims at improving the productivity of the development process and the quality of the resulting secure systems, with models as the main artifact. Among the variety of models that have been studied in a Model-Driven Security perspective, one can mention access control models that specify the access rights. So far, these models mainly focus on static definitions of access control policies, without taking into account the more complex, but essential, delegation of rights mechanism. Delegation is a meta-level mechanism for administrating access rights, which allows a user without any specific administrative privileges to delegate his/her access rights to another user. This paper gives a formalization of access control and delegation mechanisms, and analyses the main hard points for introducing various advanced delegation semantics in Model-Driven Security. Then, we propose a modular model-driven framework for 1) specifying access control, delegation and the business logic as separate concerns; 2) dynamically enforcing/weaving access control policies with various delegation features into security-critical systems; and 3) providing a flexibly dynamic adaptation strategy. We demonstrate the feasibility and effectiveness of our proposed solution through the proof-of-concept implementations of different component-based systems running on different adaptive execution platforms, i.e. OSGi and Kevoree.

Keywords: Model-driven security, model-driven engineering, MDE, model composition, delegation, access control, dynamic adaptation, OSGi, Kevoree.
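The delegation mechanism the abstract describes (a user with no administrative privilege passing on rights that he or she actually holds) is easiest to reason about against a small policy engine. The following Python is an added example written for this page; it is not the paper's framework nor its OSGi/Kevoree prototypes. It assumes an RBAC-style static policy and a set of delegation semantics chosen here for illustration (temporary delegation with an expiry time, transfer delegation, multi-step delegation bounded by a depth limit, and revocation); the hospital-record roles, users and timestamps in `demo()` are constructed.

```python
"""RBAC policy with non-administrative delegation.  Added illustration, not
the paper's own code.  Assumed delegation semantics: temporary (expiry time),
transfer (delegator cannot use the right while the delegation is active),
multi-step (re-delegation up to a depth limit) and revocation.  Expiry and
revocation cascade down a chain because a delegation is only effective while
its delegator itself still holds the right."""
from dataclasses import dataclass, field
from typing import Dict, List, Optional, Set, Tuple

Permission = Tuple[str, str]  # (action, resource)


@dataclass
class Delegation:
    delegator: str
    delegatee: str
    permission: Permission
    expires_at: Optional[float] = None  # None: no expiry
    transfer: bool = False              # True: delegator loses use of the right meanwhile
    revoked: bool = False


@dataclass
class Policy:
    role_permissions: Dict[str, Set[Permission]]
    user_roles: Dict[str, Set[str]]
    max_depth: int = 2                  # longest delegation chain allowed (assumed limit)
    delegations: List[Delegation] = field(default_factory=list)

    def static_permissions(self, user: str) -> Set[Permission]:
        """Rights granted by the static policy (roles), before any delegation."""
        perms: Set[Permission] = set()
        for role in self.user_roles.get(user, set()):
            perms |= self.role_permissions.get(role, set())
        return perms

    def _active(self, d: Delegation, now: float) -> bool:
        return not d.revoked and (d.expires_at is None or now < d.expires_at)

    def _chain_depth(self, user: str, perm: Permission, now: float,
                     seen: Tuple[str, ...] = ()) -> Optional[int]:
        """Length of the shortest valid chain giving `user` the right: 0 for a
        static grant, None if there is no valid source.  A delegation counts
        only while its delegator still has a source, so expiry or revocation
        upstream invalidates every delegation below it."""
        if perm in self.static_permissions(user):
            return 0
        best: Optional[int] = None
        for d in self.delegations:
            if d.delegatee != user or d.permission != perm or not self._active(d, now):
                continue
            if d.delegator in seen:  # guard against delegation cycles
                continue
            up = self._chain_depth(d.delegator, perm, now, seen + (user,))
            if up is not None and (best is None or up + 1 < best):
                best = up + 1
        return best

    def _transferred_away(self, user: str, perm: Permission, now: float) -> bool:
        return any(d.delegator == user and d.permission == perm and d.transfer
                   and self._active(d, now) for d in self.delegations)

    def is_permitted(self, user: str, action: str, resource: str, now: float) -> bool:
        """Access decision: a valid source exists and the right was not transferred away."""
        perm = (action, resource)
        if self._chain_depth(user, perm, now) is None:
            return False
        return not self._transferred_away(user, perm, now)

    def delegate(self, delegator: str, delegatee: str, action: str, resource: str,
                 now: float, *, expires_at: Optional[float] = None,
                 transfer: bool = False) -> Delegation:
        """No admin privilege needed, but bounded by the delegator's own rights:
        the delegator must hold the right now, and the chain must stay <= max_depth."""
        perm = (action, resource)
        if delegator == delegatee:
            raise ValueError("cannot delegate to oneself")
        if not self.is_permitted(delegator, action, resource, now):
            raise PermissionError(f"{delegator} does not hold {perm} at t={now}")
        depth = self._chain_depth(delegator, perm, now) + 1
        if depth > self.max_depth:
            raise PermissionError(f"chain depth {depth} exceeds {self.max_depth}")
        d = Delegation(delegator, delegatee, perm, expires_at, transfer)
        self.delegations.append(d)
        return d

    def revoke(self, d: Delegation) -> None:
        d.revoked = True  # downstream delegations lapse via _chain_depth


def demo() -> Dict[str, bool]:
    """Constructed scenario: a patient record, doctor and nurse roles."""
    p = Policy(
        role_permissions={"doctor": {("read", "record/42"), ("update", "record/42")},
                          "nurse": {("read", "record/42")}},
        user_roles={"alice": {"doctor"}, "bob": {"nurse"}, "carol": set(), "dave": set()},
        max_depth=2)
    out: Dict[str, bool] = {}
    out["carol_initially"] = p.is_permitted("carol", "update", "record/42", 0)
    try:  # a nurse cannot delegate a right he does not hold: no escalation via delegation
        p.delegate("bob", "carol", "update", "record/42", 0)
        out["nurse_delegates_update"] = True
    except PermissionError:
        out["nurse_delegates_update"] = False
    p.delegate("alice", "bob", "update", "record/42", 0, expires_at=50)  # temporary, step 1
    p.delegate("bob", "carol", "update", "record/42", 1)                 # step 2
    out["carol_via_chain"] = p.is_permitted("carol", "update", "record/42", 2)
    try:  # step 3 would exceed max_depth
        p.delegate("carol", "dave", "update", "record/42", 2)
        out["third_step"] = True
    except PermissionError:
        out["third_step"] = False
    out["carol_after_expiry"] = p.is_permitted("carol", "update", "record/42", 60)
    d3 = p.delegate("alice", "dave", "read", "record/42", 60, transfer=True)
    out["alice_during_transfer"] = p.is_permitted("alice", "read", "record/42", 61)
    out["dave_during_transfer"] = p.is_permitted("dave", "read", "record/42", 61)
    p.revoke(d3)
    out["alice_after_revoke"] = p.is_permitted("alice", "read", "record/42", 62)
    out["dave_after_revoke"] = p.is_permitted("dave", "read", "record/42", 62)
    return out
```

The design point worth noticing is that `is_permitted` never trusts a delegation record on its own: it walks back to a static grant, so a delegation is useful only for as long as its delegator could use the right, and a revoked or expired upstream delegation silently disables everything re-delegated from it. That is what keeps a non-administrative delegation feature from becoming a privilege-escalation path.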
P.H. Nguyen et al., in: S. Chiba et al. (Eds.): Transactions on AOSD XI, LNCS 8400, pp. 109–144, 2014. © Springer-Verlag Berlin Heidelberg 2014

1 Introduction

Software security is a polymorphic concept that encompasses different viewpoints (hacker, security officer, end-user) and raises complex management issues when considering the ever-increasing complexity and dynamism of modern software. In this perspective, designing, implementing and testing software for security is a hard task, especially because security is dynamic: a security policy can be updated at any time and must be kept aligned with the evolution of the software. As one of the key concerns in software security, managing access control to critical resources requires the dynamic enforcement of access control policies. Access control policies stipulate actors' access rights to internal resources and ensure that users can only access the resources they are allowed to in a given context. A sound methodology supporting the development of such security-critical systems is essential, because access control mechanisms cannot be "blindly" inserted into a system; the overall system development must take access control aspects into account. Critical resources could be accessible to wrong (or even malicious) users because of a small error in the specificatio