| With the rapid development of software technology, Web applications are moving towards a multi-user and multe-role cooperative direction. When designing and testing multi-role, collaborative Web applications, users’interactive operations are constrained by multiple dynamic context, so security verification is essential. Traditional access control mechanisms such as role-base access control (RBAC), access control list (ACL) can’t satisfy the need of context verification, and UML2 can’t extract context conditions from workflow models, so the reasoning and verification can’t be done.In this paper, Context Decision Tree (CDT for short) is proposed based on the analysis of context, and it has been working on a Virtual Community Management System (VCMS for short). The Web technologies help CDT model more practical. Firstly, Web security technologies are introduced. Aiming at the shortages in these technologies, CDT model is proposed referring to the concept of decision tree and context. A meta-model of CDT is introduced to describe the modeling standard, and token is used to make dynamic calculation rules, so as to get a connected and loop-free directed graph model with constraint rules and optimization methods. CDT is developed with Web layered context model, and CDT is used for the Web workflow modeling of VCMS. By the calculation of CDT paths, conjunctions of multiple conditions can be gotten to be compared with the requirement specification to verify security, consistency and finding redundancy. At last, test cases are designed referring to the CDT paths for the system, and it passes these cases. It proves that the CDT model based on the multi-role cooperative Web application can better satisfy the requirements of security verification for complex context, and CDT is also standardized, applicable and extensible. |
PDF Full Text Request