SECTET-PL & SECTET-UML


SECTET-PL is a policy language influenced by Object Constraint Language and interpreted in the context of UML models.
Security Aspects
Name
Description
Access control conditions that refer to roles, attributes of elements, and documents, e.g., the content of a variable.
Specification Elements
Name
Description
A service offered to partners, such as a web-service.
An operation that is provided over an interface.
Reference to the messages each Partner exchanges.
Each role either stands for a human being or some other system that authenticates to the given node.
All sub roles specific to a concrete partner role.
A reference to the callers of a web service.
The DynamicSecurityRequirement represents a security requirement and is the super class of the SECTETPLExp which defines the structure of the SECTET-PL expressions.
A security requirement expressed as an expression in SECTET-PL.
Each Permission or Prohibition (if isNegative=true) is associated with a SECTETPLExp, with a RoleRef and with a ResourceRef which in this case is an Operation of a Service.
A reference to a resource to be accessed.
A reference to the role from which an access should be performed.
Indicates that attribute values in the corresponding entity can be distributed, which means that the corresponding entity (e.g., patient data) can be possessed by some other Partner (or hospital) in the workflow.
Indicates that the corresponding attribute is unique and serves as a primary key for the entity. This key attribute can also be used during navigation to locate a particular object of the entity.
Contributes services to the outside with a given data type and authorization requirements.
Indicates that the corresponding interface is not transformed to XML schema but refers to the security infrastructure in order to verify a certain relationship between the caller of the web service and a particular element of the Document Model.