Metamodel
The metamodel for the proposed approach.
Specurity Aspects
Name
Description
Plan security policies and detect conflicts early
Specification Elements
Name
Description
The entity that performs an action.
The target of an action.
A set consisting of multiple operations.
A concrete functionality performed on an interface provided by a port.
Specifies what actions a given subject (agent, user, role, or process) is permitted or forbidden to perform on a set of target objects.
Denotes the security policy on the architectural model.
Denotes whether a subject is authorized, forbidden, obligated or not obligated to perform an action.
Security Aspects
Authorization and obligation security policies
Plan security policies and detect conflicts early- Specification Elements:
- Action
- Modality
- Operation
- PolicyLink
- SecurityPolicy
- Subject
- TargetObject
- Threats:
- Spoofing
- Elevation of Privileges
- Tampering with Data
- Denial of Service
- Information Disclosure
Specification Elements
Subject
The entity that performs an action.TargetObject
The target of an action.Action
A set consisting of multiple operations.- Applies to:
- Activity
Operation
A concrete functionality performed on an interface provided by a port.- Applies to:
- Activity
SecurityPolicy
Specifies what actions a given subject (agent, user, role, or process) is permitted or forbidden to perform on a set of target objects.- Applies to:
PolicyLink
Denotes the security policy on the architectural model.- Applies to:
- Connection
Modality
Denotes whether a subject is authorized, forbidden, obligated or not obligated to perform an action.- Applies to:
- Activity