An Aspect-Oriented Approach to Developing UML Models of Access Control Systems
The proposed research is concerned with developing aspect-oriented design (AOD) techniques that facilitate the development of UML models of secure software systems based on access control mechanisms. This requires addressing the following issues: (1) developing a rigorous notation for describing access control mechanisms in a form that promotes their reusability and composibility with UML models, (2) developing weaving algorithms to systematically incorporate access control properties into an application model, (3) analyzing woven models to verify correct realization of the access control mechanism applied, (4) developing a prototype tool that supports weaving and analysis of woven models,(5) validating the effectiveness of the techniques and prototype tool developed in this research.
Major merits of the research include that (1) the proposed approach increases the reusability and understandability of access control mechanisms, (2) the weaving techniques provide systematic ways of incorporating access control mechanisms into UML models, (3) the evaluation techniques allow one to rigorously check security assurance for woven models, and (4) woven models can be served as a basis for generating implementation code. The results of the research will be validated in collaboration with industries, disseminated via research papers, and incorporated in software engineering and security courses.
