Query-based Access Control for Secure Collaborative Modeling using Bidirectional Transformations

Large-scale model-driven system engineering projects are carried out collaboratively. Engineering artifacts stored in model repositories are developed in either offline (checkout modify-commit) or online (GoogleDoc-style) scenarios. Complex systems frequently integrate models and components developed by different teams, vendors and suppliers. Thus confidentiality and integrity of design artifacts need to be protected by access control policies. We propose a technique for secure collaborative modeling where (1) fine-grained access control for models can be defined by model queries, and (2) such access control policies are strictly enforced by bidirectional model transformations. Each collaborator obtains a filtered local copy of the model containing only those model elements which they are allowed to read; write access control policies are checked on the server upon submitting model changes. We illustrate the approach and carry out an initial scalability assessment using a case study of the MONDO EU project.