A Model-Driven Security Requirements Approach to Deduce Security Policies Based on OrBAC

Attacks on unsecured systems result in important loses. Many of the causes are related to non-conformance of system architecture and implementation to the requirements. To reduce these conformity problems, Model Driven Engineering proposes using modelling languages for defining requirements and architecture and model transformations between them. We therefore introduce a modelling language extension/ profile for defining system requirements with basic security requirement concepts. We also formalize the model transformation between this profile and a security formal verification method. We exemplify our approach on a medical case study. \textcopyright Springer International Publishing Switzerland 2015.

Domains

Computer Science [cs]

Julien Rabaud : Connect in order to contact the contributor

https://hal-univ-pau.archives-ouvertes.fr/hal-01908073

Submitted on : Monday, October 29, 2018-5:44:08 PM

Last modification on : Friday, March 24, 2023-2:53:08 PM

Dates and versions

hal-01908073 , version 1 (29-10-2018)

Identifiers

HAL Id : hal-01908073 , version 1
DOI : 10.1007/978-3-319-16745-9_9

Cite

Denisse Muñante Arzapalo, Vanea Chiprianov, Laurent Gallon, Philippe Aniorte. A Model-Driven Security Requirements Approach to Deduce Security Policies Based on OrBAC. Information Security and Cryptology - 10th International Conference, Inscrypt 2014, Beijing, China, December 13-15, 2014, Revised Selected Papers, Dec 2014, Beijing, China. pp.150--169, ⟨10.1007/978-3-319-16745-9_9⟩. ⟨hal-01908073⟩

Export

BibTeX TEI Dublin Core DC Terms EndNote Datacite

Collections

UNIV-BREST INSTITUT-TELECOM CNRS UNIV-PAU ENIB LAB-STICC_ENIB LAB-STICC LAB-STICC_TB IMT-ATLANTIQUE LIUPPA TSP-DISSEM

38 View

0 Download