12 research outputs found

    Run-time generation, transformation, and verification of access control models for self-protection

    Self-adaptive access control, in which self-* properties are applied to protecting systems, is a promising solution for the handling of malicious user behaviour in complex infrastructures. A major challenge in self-adaptive access control is ensuring that chosen adaptations are valid, and produce a satisfiable model of access. The contribution of this paper is the generation, transformation and verification of Role Based Access Control (RBAC) models at run-time, as a means for providing assurances that the adaptations to be deployed are valid. The goal is to protect the system against insider threats by adapting at run-time the access control policies associated with system resources, and access rights assigned to users. Depending on the type of attack, and based on the models from the target system and its environment, the adapted access control models need to be evaluated against the RBAC metamodel, and the adaptation constraints related to the application. The feasibility of the proposed approach has been demonstrated in the context of a fully working prototype using malicious scenarios inspired by a well-documented case of insider attack.

    Model-Based Analysis of Role-Based Access Control

    Model-Driven Engineering (MDE) has been extensively studied. Many directions have been explored, sometimes with the dream of providing a fully integrated approach for designers, developers and other stakeholders to create, reason about and modify models representing software systems. Most, but not all, of the research in MDE has focused on general-purpose languages and models, such as Java and UML. Domain-specific and cross-cutting concerns, such as security, are increasingly essential parts of a software system, but are only treated as second-class citizens in the most popular modelling languages. Efforts have been made to give security, and in particular access control, a more prominent place in MDE, but most of these approaches require advanced knowledge in security, programming (often declarative), or both, making them difficult to use by less technically trained stakeholders. In this thesis, we propose an approach to modelling, analysing and automatically fixing role-based access control (RBAC) that does not require users to write code or queries themselves. To this end, we use two UML profiles and associated OCL constraints that provide the modelling and analysis features. We propose a taxonomy of OCL constraints and use it to define a partial order between categories of constraints, which we use to propose strategies to speed up the models’ evaluation time. Finally, by representing OCL constraints as constraints on a graph, we propose an automated approach for generating lists of model changes that can be applied to an incorrect model in order to fix it. All these features have been fully integrated into a UML modelling IDE, IBM Rational Software Architect.

    Practical Implementation of DokuWiki

    Import 03/08/2012. The purpose of this bachelor's thesis is the application of the DokuWiki system for the needs of management and administration of student semester projects at the Department of telecommunications. The first part of the work deals with the general theory of publishing on the internet and with the web technologies related to it, with connected issues of identity verification and authentication of access to the systems. The second part deals with the solution of the system implementation in the environment of the VŠB-TU internal network. The conclusions summarize the findings and recommendations. 460 - Department of Computer Science, very good.

    Contributions to Business Intelligence and IT Compliance

    [no abstract]

    Identity Management Systems

    Identity management systems give larger organizations management and control over resources used by identities. Primarily, these systems maintain and enforce security and other organizational policies. A secondary task is to provide a framework for automation of repetitive tasks and self-service processes, which allows a reduction of workload on helpdesk services and yet provides traceability for individual requests. We’ll go through some of the most important supporting security protocols, which ensure identity authentication and data protection, their principles, security assessment and most common vectors of attack. In our work, we’ll present the structure of two identity management systems, OpenIDM and Microsoft Identity Manager 2016, their advantages and disadvantages when it comes to connecting with backend systems within an organization, installation and implementation of the system on the problem domain, and introduction and maintenance of the system for identity management. Additionally, we’ll evaluate integration with both the OpenLDAP directory and the PostgreSQL database. Both systems are developed in accordance with open source philosophy; therefore they’re interesting for implementation in order to reduce costs of using licensed software. The PostgreSQL database will be used as an identity data source. User accounts will be created in OpenLDAP based on the data from PostgreSQL.

    Access Control in Service-Oriented Architectures

    This work shows how access control can be implemented in the context of web-service-based service-oriented architectures. To this end, a cross-cutting, service-oriented access control architecture is first developed, which extends the service-oriented domain architecture. In parallel, an access control model and an associated policy language are specified, and their embedding into a model-driven software development process is established.

    Methodical support for model-driven software engineering with enterprise models

    A central research goal in information systems science is to achieve a close alignment between business processes, structures of organizations, and the functionality offered by enterprise information systems (EISs), which are used to support the work of organizations. Traditionally, there is a methodical gap between describing organizational incidents and software functionality, because organizations and software systems are understood and constructed with different terminology and on different levels of abstraction, typically also by differently educated groups of people. In enterprise models (EMs), dedicated modeling language elements are used to express knowledge about processes in organizations, e.g., about who is responsible for performing actions, what resources are involved, and what strategic goals are intended to be realized by organizational means. The work at hand shows how EISs can be created based on this knowledge, which serve as supporting software for performing these tasks. Software development traditionally has to face a distinction between people who work with software, and people who create software. With the use of EMs, a chance opens up to involve the users of software systems more closely in the process of developing and configuring the software. Building software from enterprise models is desirable, because once a dedicated relationship between enterprise models and software functionality has been established by a development method, involved users and responsible stakeholders can adapt the software according to their business needs, without having to deal with programming or technical details. This increases efficiency both in developing and operating the software, because software functionality is derived from requirements implicitly stated in EMs. Such a development procedure also promises to more efficiently adapt EISs to dynamic changes in organizations and their environment. Trust in the developed software system is also increased by involving users and responsible stakeholders in specifying the resulting software functionality. The following research work elaborates a software development method to create EISs from EMs. The method is designed as a generic framework to work with any enterprise modeling language, and to generate software for any target system platform, after appropriate configuration. Fundamental challenges in methodically transforming conceptual models to implementation artifacts are addressed by involving auxiliary models in the software creation process, and splitting up the transformation procedure into multiple dedicated phases. Using this approach, the abstraction gap between conceptual enterprise models and technical implementation artifacts gets systematically bridged by the introduced methodical concepts, in order to perform an ontological turn from the bird’s-eye-view description perspective of enterprise models, to an internal system perspective describing technical details of a software system. The elaborated method provides means for efficiently guiding modelers and software developers through the software engineering process. It can be configured at multiple points, to choose the degree of automation on a continuum between a manually supervised development process with methodically scheduled manual development steps, and a zero-coding 100% code generation approach. To clarify the theoretically introduced concepts, prototypical implementation examples are included in the present work. They demonstrate how to configure the method with model transformations, validity checks, and domain-specific modeling languages, and serve as initial example cases for enterprise model driven software development using the Software Engineering with Enterprise Models (SEEM) method.

    Model-Driven Aspect-Oriented Software Security Hardening

    Security is of paramount importance in software engineering. Nevertheless, security solutions are generally fitted into existing software as an afterthought phase of the development process. However, given the complexity and the pervasiveness of today's software systems, adding security as an afterthought leads to huge costs in retrofitting security into the software and can further introduce additional vulnerabilities. Furthermore, security is a crosscutting concern that pervades the entire software. Consequently, the manual addition of security solutions may result in the scattering and the tangling of security features throughout the entire software design. Additionally, adding security manually is tedious and generally may lead to other security flaws. In this context, the need for a systematic approach to integrate security practices into the early phases of the software development process becomes crucial. In this thesis, we elaborate an aspect-oriented modeling framework for software security hardening at the UML design level. More precisely, the main contributions of our research are the following: (i) We define a UML profile for the specification of security hardening mechanisms as aspects. (ii) We design and implement a weaving framework for the systematic injection of security aspects into UML design models. (iii) We explore the theoretical foundations for aspect matching and weaving. (iv) We conduct real-life case studies to demonstrate the viability and the scalability of the proposed framework.

    Evaluation of a Cloud-Native Development Environment for Model-Based Systems Engineering for Space Systems

    MBSE must support a wide variety of configurations because it works with a variety of software and interfaces. The resource requirements of the software used can exceed the capacities of a local computer. Cloud computing promises to meet the increasing demands. MBSE tools exist for space systems, but none of these tools take advantage of a cloud environment. In recent years, open-source projects such as Eclipse Theia, EMF.Cloud and Eclipse Che have been developed which make it possible to develop a cloud-native development environment for MBSE. However, no development environment has yet been implemented that takes advantage of the cloud for computation. To determine the requirements for an MBSE tool in the cloud, a questionnaire with two rounds is conducted. In the first round, requirements are collected as user stories. In the second round, the requirements are categorized according to the Kano model. A total of 52 requirements were identified, of which 19 were identified as enthusiasm, 20 as basic, 3 as performance and 10 as irrelevant. The performance analysis showed that complex computations scale similarly to local execution. If simpler computations are performed, the local computation is significantly faster due to the elimination of the communication overhead.