A Model-Driven Methodology for Developing Secure Data-Management Applications

被引：15

作者：

Basin, David ^{[1
]}

Clavel, Manuel ^{[2
]}

Egea, Marina ^{[3
]}

Garcia de Dios, Miguel A. ^{[2
]}

Dania, Carolina ^{[2
]}

机构：

[1] ETH, Dept Comp Sci, Zurich, Switzerland

[2] IMDEA Software, Madrid 28223, Spain

[3] ATOS Res & Innovat, Madrid, Spain

来源：

IEEE TRANSACTIONS ON SOFTWARE ENGINEERING | 2014年 / 40卷 / 04期

关键词：

Model-driven development; model-driven security; access control; GUI models; model transformation; GENERATION;

D O I：

10.1109/TSE.2013.2297116

中图分类号：

TP31 [计算机软件];

学科分类号：

081202 ; 0835 ;

摘要：

We present a novel model-driven methodology for developing secure data-management applications. System developers proceed by modeling three different views of the desired application: its data model, security model, and GUI model. These models formalize respectively the application's data domain, authorization policy, and its graphical interface together with the application's behavior. Afterwards a model-transformation function lifts the policy specified by the security model to the GUI model. This allows a separation of concerns where behavior and security are specified separately, and subsequently combined to generate a security-aware GUI model. Finally, a code generator generates a multi-tier application, along with all support for access control, from the security-aware GUI model. We report on applications built using our approach and the associated tool.

引用

页码：324 / 337

页数：14

共 50 条

[1] Model-Driven Development of Secure Service Applications
Borek, Marian
Moebius, Nina
Stenzel, Kurt
Reif, Wolfgang
PROCEEDINGS OF THE 2012 IEEE 35TH SOFTWARE ENGINEERING WORKSHOP (SEW 2012), 2012, : 62 - 71
[2] A Model-Driven Methodology Approach for Developing a Repository of Models
Hamid, Brahim
MODEL AND DATA ENGINEERING, MEDI 2014, 2014, 8748 : 29 - 44
[3] Modernizing Secure OLAP Applications with a Model-Driven Approach
Blanco, Carlos
Fernandez-Medina, Eduardo
Trujillo, Juan
COMPUTER JOURNAL, 2015, 58 (10): : 2351 - 2367
[4] Model-driven multidimensional modeling of secure data warehouses
Fernandez-Medina, Eduardo
Trujillo, Juan
Piattini, Mario
EUROPEAN JOURNAL OF INFORMATION SYSTEMS, 2007, 16 (04) : 374 - 389
[5] A model-driven approach for developing a model repository: Methodology and tool support
Hamid, Brahim
FUTURE GENERATION COMPUTER SYSTEMS-THE INTERNATIONAL JOURNAL OF ESCIENCE, 2017, 68 : 473 - 490
[6] A model-driven methodology approach for developing na repository of models
Hamid, Brahim (hamid@irit.fr), 1600, Springer Verlag (8748):
[7] A model-driven configuration management methodology for testbed infrastructures
Galan, Fermin
Lopez de Vergara, Jorge E.
Fernandez, David
Munoz, Rauel
2008 IEEE NETWORK OPERATIONS AND MANAGEMENT SYMPOSIUM, VOLS 1 AND 2, 2008, : 747 - +
[8] Developing applications using model-driven design environments
Balasubramanian, K
Gokhale, A
Karsai, G
Sztipanovits, J
Neema, S
COMPUTER, 2006, 39 (02) : 33 - +
[9] Model-Driven Code Generation for Secure Smart Card Applications
Moebius, Nina
Stenzel, Kurt
Grandy, Holger
Reif, Wolfgang
ASWEC 2009: 20TH AUSTRALIAN SOFTWARE ENGINEERING CONFERENCE, PROCEEDINGS, 2009, : 44 - 53
[10] Model-driven coordinated management of data centers
Mukherjee, Tridib
Banerjee, Ayan
Varsamopoulos, Georgios
Gupta, Sandeep K. S.
COMPUTER NETWORKS, 2010, 54 (16) : 2869 - 2886

← 1 2 3 4 5 →