Similar literature
Found 20 similar documents (search time: 31 ms)
1.
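OCL Description of Constraints in the Role-Based Access Control Model   Total citations: 4, self-citations: 1, citations by others: 4
王卓 (Wang Zhuo), 冯珊 (Feng Shan), 《计算机工程与应用》 (Computer Engineering and Applications), 2003, 39(21): 100-102, 109
The role-based access control (RBAC) model has attracted growing research interest thanks to its flexible authorization mechanism, powerful administrative functions, and comprehensive security policies. As research has deepened, object-oriented methods have gradually been applied to the model, accelerating its development. UML, as a powerful modeling language, is not limited to supporting object-oriented analysis and design; it supports the entire software development process starting from requirements analysis, and describing a theoretical model in UML makes it more directly applicable to real system development. This paper uses UML's Object Constraint Language (OCL) to describe the constraints in RBAC, making the constraint descriptions more standardized, easier for system developers to understand, and more conducive to developing systems based on the RBAC model.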

2.
Role-based access control (RBAC) is a flexible approach to access control, which has generated great interest in the security community. The principal motivation behind RBAC is to simplify the complexity of administrative tasks. Several formal models of RBAC have been introduced. However, there are a few works specifying RBAC in a way which system developers or software engineers can easily understand and adopt to develop role-based systems. And there still exists a demand to have a practical representation of well-known access control models for system developers who work on secure system development. In this paper we represent a well-known RBAC model with software engineering tools such as Unified Modeling Language (UML) and Object Constraints Language (OCL) to reduce a gap between security models and system developments. The UML is a general-purpose visual modeling language in which we can specify, visualize, and document the components of a software system. And OCL is part of the UML and has been used for object-oriented analysis and design as a de facto constraints specification language in software engineering arena. Our representation is based on a standard model for RBAC proposed by the National Institute of Standards and Technology. We specify this RBAC model with UML including three views: static view, functional view, and dynamic view. We also describe how OCL can specify RBAC constraints that is one of important aspects to constrain what components in RBAC are allowed to do. In addition, we briefly discuss future directions of this work.

3.
Combination of formal and semi-formal methods is more and more required to produce specifications that can be, on the one hand, understood and thus validated by both designers and users and, on the other hand, precise enough to be verified by formal methods. This motivates our aim to use these complementary paradigms in order to deal with security aspects of information systems. This paper presents a methodology to specify access control policies starting with a set of graphical diagrams: UML for the functional model, SecureUML for static access control and ASTD for dynamic access control. These diagrams are then translated into a set of B machines. Finally, we present the formal specification of an access control filter that coordinates the different kinds of access control rules and the specification of functional operations. The goal of such B specifications is to rigorously check the access control policy of an information system taking advantage of tools from the B method.

4.
Model Driven Architecture (MDA) is a software development approach promoted by the OMG. MDA is based on two key concepts, models and model transformations. Several kinds of models are generally used throughout the development process to specify a software system and to support its analysis and validation. UML and its extensions, such as the UML profile for real-time systems (UML/SPT), are commonly used to define the structure and the behavior of software systems while other models, such as performance models or schedulability models, are more suitable for performance or schedulability analysis, respectively. In this paper we discuss a model transformation enabling the derivation of schedulability analysis models from UML/SPT models. As a proof of concepts, we present a prototype implementation of this model transformation using ATL. We provide a definition of the source and target metamodels using the metamodel specification language KM3 and we specify the transformation in an ATL module. We discuss the merits and limitations of our approach and of its implementation.

5.
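Under component-based development (CBD), a software system is a collection of interrelated reusable components, so every component of the system and the relationships among components must be well understood. As a standard modeling language, UML not only supports object-oriented analysis and design but also strongly supports the whole software development process starting from requirements analysis. However, UML's support for component modeling is not ideal, which calls for a method that supports component modeling well. This paper proposes a method for describing component specifications with UML. The component specification is decomposed into component interface specifications. By formally describing each interface of a component and the relationships among component interfaces, the component specification is made clear and precise.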

6.
Unified Modeling Language (UML 2.0) is the upcoming standard of the Object Management Group for specifying object-oriented software systems. In this paper, we will show how UML 2.0 can be applied for the specification of agent-based systems. Moreover, we will give a short overview on existing agent methodologies to have a reference what has to be specified in such systems. The paper concludes with some outlook for further research and open issues for specifying agents with UML 2.0.

7.
8.
Secure software engineering is a new research area that has been proposed to address security issues during the development of software systems. This new area of research advocates that security characteristics should be considered from the early stages of the software development life cycle and should not be added as another layer in the system on an ad-hoc basis after the system is built. In this paper, we describe a UML-based Static Verification Framework (USVF) to support the design and verification of secure software systems in early stages of the software development life-cycle taking into consideration security and general requirements of the software system. USVF performs static verification on UML models consisting of UML class and state machine diagrams extended by an action language. We present an operational semantics of UML models, define a property specification language designed to reason about temporal and general properties of UML state machines using the semantic domains of the former, and implement the model checking process by translating models and properties into Promela, the input language of the SPIN model checker. We show that the methodology can be applied to the verification of security properties by representing the main aspects of security, namely availability, integrity and confidentiality, in the USVF property specification language.

9.
The KeY tool   Total citations: 5, self-citations: 2, citations by others: 3
KeY is a tool that provides facilities for formal specification and verification of programs within a commercial platform for UML based software development. Using the KeY tool, formal methods and object-oriented development techniques are applied in an integrated manner. Formal specification is performed using the Object Constraint Language (OCL), which is part of the UML standard. KeY provides support for the authoring and formal analysis of OCL constraints. The target language of KeY based development is Java Card DL, a proper subset of Java for smart card applications and embedded systems. KeY uses a dynamic logic for Java Card DL to express proof obligations, and provides a state-of-the-art theorem prover for interactive and automated verification. Apart from its integration into UML based software development, a characteristic feature of KeY is that formal specification and verification can be introduced incrementally.

10.
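Describing Interface Specifications of Interactive Systems with UML and Object-Z   Total citations: 4, self-citations: 0, citations by others: 4
With the spread of graphical user interfaces, interaction has become an important feature of today's software systems. Compared with traditional software systems based on character interfaces, software systems based on graphical user interfaces can, to some extent, be regarded as interactive systems. Formal specifications have the advantages of precision, unambiguity, and consistency, so describing the user interface specification of an interactive system in a formal specification language has strong practical value. Because formal specifications are poorly readable, the standard object modeling language UML can be used to aid understanding of the formal specification.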

11.
Context: In many organizational environments critical tasks exist which – in exceptional cases such as an emergency – must be performed by a subject although he/she is usually not authorized to perform these tasks. Break-glass policies have been introduced as a sophisticated exception handling mechanism to resolve such situations. They enable certain subjects to break or override the standard access control policies of an information system in a controlled manner. Objective: In the context of business process modeling a number of approaches exist that allow for the formal specification and modeling of process-related access control concepts. However, corresponding support for break-glass policies is still missing. In this paper, we aim at specifying a break-glass extension for process-related role-based access control (RBAC) models. Method: We use model-driven development (MDD) techniques to provide an integrated, tool-supported approach for the definition and enforcement of break-glass policies in process-aware information systems. In particular, we provide modeling support on the computation independent model (CIM) layer as well as on the platform independent model (PIM) and platform specific model (PSM) layers. Results: Our approach is generic in the sense that it can be used to extend process-aware information systems or process modeling languages with support for process-related RBAC and corresponding break-glass policies. Based on the formal CIM layer metamodel, we present a UML extension on the PIM layer that allows for the integrated modeling of processes and process-related break-glass policies via extended UML Activity diagrams. We evaluated our approach in a case study on real-world processes. Moreover, we implemented our approach at the PSM layer as an extension to the BusinessActivity library and runtime engine. Conclusion: Our integrated modeling approach for process-related break-glass policies allows for specifying break-glass rules in process-aware information systems.

12.
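谭文凯 (Tan Wenkai), 李宣东 (Li Xuandong), 郑国梁 (Zheng Guoliang), 《软件学报》 (Journal of Software), 2001, 12(10): 1423-1433
The Unified Modeling Language (UML) is a general-purpose visual modeling language that can be used for specifying, visually constructing, and documenting software systems. UML sequence diagrams describe the collaboration among interacting objects, such as the exchange of messages between communicating entities in real-time and distributed systems. As with other specification and design processes, the specification of UML sequence diagrams is error-prone, so analyzing them is necessary. This paper describes a tool for analyzing UML sequence diagrams with timing constraints.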

13.
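UML is the industry standard for object-oriented analysis and design; UP (Unified Process) is a software engineering process that uses UML as its modeling language. Combined, UML and UP form a powerful software engineering methodology. As a methodology, UML/UP has two major shortcomings with respect to requirements: its ability to express requirements is weak, and there is a large gap between requirements expression and the subsequent system analysis and design. The paper analyzes use case and scenario analysis in requirements engineering, as well as the high-level design method of use case diagrams. On this basis, it proposes a UML/UP method enhanced with respect to requirements.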

14.
UML offers different diagram types to model behavior and dynamics of software systems. In some domains like embedded real-time systems or multimedia systems, it is necessary to include specifications of time since the correctness of these applications depends on the fulfillment of temporal requirements in addition to functional requirements. UML thus already incorporates language features to model time and temporal constraints. Such model elements must have an equivalent in the semantic domain. We have proposed Dynamic Meta Modeling (DMM) as a means for the specification of the formal operational semantics of UML models by applying graph transformation to the meta modeling of dynamic behavior. Within this paper, we extend this approach to also account for time by building on timed graph transformations. We apply these concepts to the domain of multimedia application modeling in which we adopt UML sequence diagrams. The DMM rules with time then specify an interpreter that can be used to analyze or test a model of multimedia sequence diagrams.

15.
16.
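With the demand for software test automation and the wide use of UML in object-oriented software development, UML-based object-oriented software testing is receiving increasing attention. Integration testing is an important phase of object-oriented software testing, and an important part of generating integration test cases for object-oriented software from UML collaboration diagrams is the generation of test sequences. To address the tendency of the number of integration test sequences to explode, and based on the characteristics of UML collaboration diagrams, an interprocedural restricted control flow graph (IR-CFG) is used to describe the logical control relationships among the messages of a collaboration diagram. An algorithm is given for generating the IRCFG from specification files developed with Rational Rose, and several coverage criteria for the IRCFG and a method for generating test sequences from the IRCFG are introduced.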

17.
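廖青松 (Liao Qingsong), 马光思 (Ma Guangsi), 《微机发展》 (Microcomputer Development), 2007, 17(6): 123-126
The B method mainly uses abstract machines to describe the specification of a software system, and it is supported by a large number of tools. UML is widely used for modeling in object-oriented technology, and many engineering projects and research results are presented as UML diagrams. This paper combines the B method with UML in the software development process, analyzes, drawing on engineering practice and the literature, the key technical points of transforming UML class diagrams, sequence diagrams, and state diagrams into B abstract machines, and illustrates the concrete transformation forms with examples.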

18.
Within software development, object-oriented (OO) analysis provides an incremental and iterative approach to guide the requirements definition, design, and development of software-intensive systems. OO analysis uses the Unified Modeling Language (UML) to capture and represent these requirements. UML permits specification of the product independent of programming language or development process. This independent product representation has raised interest in the systems engineering community: OO methods might be a mechanism to unite product development disciplines and remove the gap between the specified and as-built products. The paper discusses the object oriented systems engineering process.

19.
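A UML-Based Variability Modeling Method for Software Product Lines   Total citations: 2, self-citations: 0, citations by others: 2
罗代忠 (Luo Daizhong), 赵文耘 (Zhao Wenyun), 彭鑫 (Peng Xin), 《计算机应用》 (Journal of Computer Applications), 2008, 28(8): 2137-2140
UML is introduced into software product line development and, on the basis of product line variability analysis, a UML-based method for modeling product line variability is proposed. The method supports not only the description of variation point types such as optional and one-of-many alternatives, but also the modeling of constraints on software product line variability. The effectiveness of the method is then validated with a product line variability modeling example for a mobile phone application.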

20.
There exist a number of Intrusion Detection Systems (IDSs) that detect computer attacks based on some defined attack scenarios. The attack scenarios or security requirements in some of these IDSs are specified in attack specification languages that are different from software specification languages. The use of two different languages for software specification and attack specification may generate redundant and conflicting requirements. The advantage of using the same language for both functional specifications and attacks specifications is that software designers can address the two different issues without learning two types of languages. We present a method of integrating Abstract State Machine Language (AsmL) and Unified Modeling Language (UML) state charts that are extended finite state machine based software specification languages, with an open source IDS Snort. This work provides AsmL and UML users an IDS that they can use without knowing how to write Snort rules. We automatically translate attack scenarios written in AsmL and UML state charts into Snort rules with context information. The original Snort is modified so that it can use the rules automatically generated by the translator. Adding context information to Snort rules improves the detection capability of Snort. To show the efficacy of the presented approach, we have built a prototype and evaluated it using a number of well-known attack scenarios.
