Pattern-based method for Secure Development (PbSD)

Describes role-based access control for objects and actors in the system.
Specurity Aspects
Name
Description
Access control conditions that refer to the state of a system, e.g., the state of a protected resource, parameter values, date or time.
Specification Elements
Name
Description
Either describes the roles a user in the system has or which roles may access an object, i.e., some data in the system.
Describes a collection of information that should be protected in the system. Akin to a database table.
An access control condition for protected objects in relation to roles and the state of a system.

  • Security Aspects

    • Role-Based Access Control

      Access control conditions that refer to the state of a system, e.g., the state of a protected resource, parameter values, date or time.
      Specification Elements:
      Protected Object
      Role
      Threats:
      Information Disclosure

    Specification Elements

    • Role

      Either describes the roles a user in the system has or which roles may access an object, i.e., some data in the system.
      Applies to:
      Entity
      Data

    • Protected Object

      Describes a collection of information that should be protected in the system. Akin to a database table.
      Applies to:
      Data

    • Constraint

      An access control condition for protected objects in relation to roles and the state of a system.
      Applies to:
      State