%0 Conference Proceedings
%T Leveraging UML for Security Engineering and Enforcement in a Collaboration on Duty and Adaptive Workflow Model That Extends NIST RBAC
%+ University of Connecticut (UCONN)
%+ Pontificia Universidad Javeriana (PUJ)
%+ Universidad Católica del Norte [Antofagasta]
%A Berhe, Solomon
%A Demurjian, Steven
%A Gokhale, Swapna
%A Pavlich-Mariscal, Jaime
%A Saripalle, Rishi
%Z Part 9: Short Papers
%< avec comité de lecture
%( Lecture Notes in Computer Science
%B 23th Data and Applications Security (DBSec)
%C Richmond, VA, United States
%Y Yingjiu Li
%I Springer
%3 Data and Applications Security and Privacy XXV
%V LNCS-6818
%P 293-300
%8 2011-07-11
%D 2011
%R 10.1007/978-3-642-22348-8_25
%Z Computer Science [cs]Conference papers
%X To facilitate collaboration in the patient-centered medical home (PCMH), our prior work extended the NIST role-based access control (RBAC) model to yield a formal collaboration on duty and adaptive workflow (COD/AWF) model. The next logical step is to place this work into the context of an integrated software process for security engineering from design through enforcement. Towards this goal, we promote a secure software engineering process that leverages an extended unified modeling language (UML) to visualize COD/AWF policies to achieve a solution that separates concerns while still providing the means to securely engineer dynamic collaborations for applications such as the PCMH. Once defined, these collaboration UML diagrams can be utilized to generate the corresponding aspect oriented policy code upon which the enforcement mechanism can be applied to at runtime.
%G English
%Z TC 11
%Z WG 11.3
%2 https://inria.hal.science/hal-01586593/document
%2 https://inria.hal.science/hal-01586593/file/978-3-642-22348-8_25_Chapter.pdf
%L hal-01586593
%U https://inria.hal.science/hal-01586593
%~ IFIP-LNCS
%~ IFIP
%~ IFIP-TC
%~ IFIP-WG
%~ IFIP-TC11
%~ IFIP-WG11-3
%~ IFIP-DBSEC
%~ IFIP-LNCS-6818