Enforcing access control with model transformations

Tweet about this on TwitterShare on FacebookBuffer this pageShare on RedditShare on LinkedInShare on Google+Email this to someone

Our second paper at SLE’2016 (here our first one) was titled: Runtime support for rule-based access-control evaluation through model-transformation and described how you can use model transformations to specify rule-based access control policies AND how to then enforce them at run-time by executing the transformations when needed. Sounds interesting? Get the full pdf of the paper or at least check the summaryand slides below.

Summary

Access-control policies, often the mechanism of choice to implement the security requirements of confidentiality and integrity, can be found in a wide range of application scenarios. Although there are standard languages for access- control and a plethora of works devoted to ensure the well- formedness of access-control policies, little attention has been paid to the problem of providing robust and adapt- able runtime evaluation engines for the integration of access- control in new DSL’s and platforms. Indeed, the integration of access-control requires the development of critical infrastructure facilities around it, so that the policies can be: 1) analyzed and validated and 2) efficiently evaluated against run-time access requests.

In order to solve this problem, this paper explores the use of the already mature model transformation frameworks as modern, application-independent infrastructures for access- control languages i.e., following the Policy Enforcement Point(PEP)-Policy Decision Point(PDP) architecture.

PEP-PDP Architecture and Workflow

PEP-PDP Architecture and Workflow

More specifically, we show how model-driven engineering and the ATL model-transformation framework can be used to lift the infrastructure development burden from developers by providing a robust, flexible and re-usable runtime evaluation engine for rule-based access-control policies.

The complete picture of the approach we’re proposing is the following. Some of these steps can be predefined for basic users to facilitate the implementation of the approach. Advanced users are able to configure all of them. Given a specific policy language of choice, we build a HOT (higher-order transformations ) that can generate model transformations aimed to enforce the policies written in that policy language. At run-time, these transformations will read the access requests (expressed as a request model) and return a decision (expressed as an evalution model).

 

img_581bdd6c05f7a

 

Maybe the slides will help you clarify this concept (or remember you can also refer to the full paper):

Tweet about this on TwitterShare on FacebookBuffer this pageShare on RedditShare on LinkedInShare on Google+Email this to someone

Reply

Your email address will not be published. Required fields are marked *