Font Size: a A A

The Modeling And Analysis On Use Case Driven Role Based Access Control Based On Graph Transformation

Posted on:2009-11-08Degree:MasterType:Thesis
Country:ChinaCandidate:J LinFull Text:PDF
GTID:2178360245982420Subject:Communication and Information System
Abstract/Summary:PDF Full Text Request
The access control technology in Information Security is essential to all systems, and the Role Based Access Control is a popular access model at present. It is more superior to the traditional DAC and MAC, more attention is paid on the modeling and analysis. In tradition, the security system was designed at the end of the system design; it made gaps between the security system and the system's requirement. When designed in the beginning of the security design process, it could identify security problems earlier in the system design in order to prevent gaps. And much work is concentrated in model judgment and analysis, the formalized model can help the developers to understand and analyze the model effectively.This thesis applies the use case modeling and graph transformation in Role Based Access Control, and does some studies on the modeling and formalization. It consists of three parts as follows:Firstly, this thesis proposes a method which describes the design and definition of the Role's rights in system modeling based on Use-Case, and considers the concept of Use Case from UML based on RBAC's characteristics which combines the Use-Case model with RBAC model by extending the Use Case and formalizing the scenario map. It meets the Least Privilege Rule.On the second aspect, the graph transformation is applied to model the RBAC. This thesis describes the graph rules and their application. Then this thesis analyzes the accuracy of the graph rules and gives a provident by a rule instance.Finally, this thesis designs an open laboratory management system, and does some researches on its modeling and the access control security model, gives analyses on formalization. Above all this method can help developers do effective working in modeling and analyses.
Keywords/Search Tags:role based access control, use case model, graph transformation, correctness
PDF Full Text Request
Related items