A Model-Driven Security Requirements Approach to Deduce Security Policies Based on OrBAC

Attacks on unsecured systems result in important loses. Many of the causes are related to non-conformance of system architecture and implementation to the requirements. To reduce these conformity problems, Model Driven Engineering proposes using modelling languages for defining requirements and architecture and model transformations between them. We therefore introduce a modelling language extension/ profile for defining system requirements with basic security requirement concepts. We also formalize the model transformation between this profile and a security formal verification method. We exemplify our approach on a medical case study. \textcopyright Springer International Publishing Switzerland 2015.

Domaines

Informatique [cs]

Julien Rabaud : Connectez-vous pour contacter le contributeur

https://univ-pau.hal.science/hal-01908073

Soumis le : lundi 29 octobre 2018-17:44:08

Dernière modification le : vendredi 24 mars 2023-14:53:08

Dates et versions

hal-01908073 , version 1 (29-10-2018)

Identifiants

HAL Id : hal-01908073 , version 1
DOI : 10.1007/978-3-319-16745-9_9

Citer

Denisse Muñante Arzapalo, Vanea Chiprianov, Laurent Gallon, Philippe Aniorte. A Model-Driven Security Requirements Approach to Deduce Security Policies Based on OrBAC. Information Security and Cryptology - 10th International Conference, Inscrypt 2014, Beijing, China, December 13-15, 2014, Revised Selected Papers, Dec 2014, Beijing, China. pp.150--169, ⟨10.1007/978-3-319-16745-9_9⟩. ⟨hal-01908073⟩

Exporter

BibTeX XML-TEI Dublin Core DC Terms EndNote DataCite

Collections

UNIV-BREST INSTITUT-TELECOM CNRS UNIV-PAU ENIB LAB-STICC_ENIB LAB-STICC LAB-STICC_TB IMT-ATLANTIQUE LIUPPA TSP-DISSEM

38 Consultations

0 Téléchargements