IMDEA Software

Iniciativa IMDEA

Inicio > Eventos > Software Seminar Series > 2009 > Modeling and Analyzing Access Control Security Policies with Tool Support
Esta página aún no ha sido traducida. A continuación se muestra la página en inglés.

Javier Valdazo

martes 17 de febrero de 2009

11:00am Meeting room 302 (Mountain View), level 3

Javier Valdazo, Research Intern, IMDEA Software Institute

Modeling and Analyzing Access Control Security Policies with Tool Support

Abstract:

Model driven development holds the promise of reducing system development time and improving the quality of the resulting products. SecureUML is an expressive UML-based language for constructing security-design models. Security design models are models that combine design specifications with specification of their security policies. The security policies might include both declarative aspects and programmatic aspects. Declarative aspects referred to static access control, like the assignment of users and permissions to roles, while programmatic referred to dynamic information, that is, to the satisfaction of authorization constraints in a given instance of a security-design model.

A formal semantic for the security models has been defined, that allow to make well-defined queries on the security-design models in order understand potentially subtle consequences of the policies they define.

During this talk the Secure UML language will be introduced. Also, using a SecureUML modeling tool that we have developed at IMDEA Software, we will show how security-design models can be specified and, more interestingly, how they can be analyzed in a rigorous and automatic way.