View-based Access Control Model
The Meta Object Facility model for the VBAC-PIM meta-model.
Security Aspects
- View-Based Access Control: Generate the security policy to be deployed in the security infrastructure.
Specification Elements
- Role: Roles can be ordered in a hierarchy (extends-association); may exclude each other, i.e., one principal cannot play two (or more) roles that are in a mutual exclusion relation at the same time; and may require other roles as a prerequisite. Roles may be assigned to several principals, and principals may play several roles at the same time.
- maxCard: Defines the maximal number of principals that must/can play a role.
- minCard: Defines the minimum number of principals that must/can play a role.
- Principal: An entity that can be authenticated by the system.
- Expression: Can be either an AssignExpression, used to assign a view to a role or a principal, or a RemoveExpression, used to remove a view from a role or a principal.
- Schema: Consists of several expressions.
- Resource: An object implementing an interface.
- RessourceSpecifier: Specifies an object as a placeholder.
- View: Consists of a (possibly empty) permission set and a (possibly empty) denial set.
- PermissionSet: Contains rights to call operations of an interface.
- Right: Required to call operations of an interface.
- DenialSet: Contains rights to call operations of an interface.
Security Aspects
View-Based Access Control
Generate the security policy to be deployed in the security infrastructure.
- Specification Elements:
  - Role
  - maxCard
  - minCard
  - Principal
  - Expression
  - Schema
  - Resource
  - RessourceSpecifier
  - View
  - PermissionSet
  - Right
  - DenialSet
- Threats:
  - Spoofing
  - Tampering with Data
  - Information Disclosure
  - Elevation of Privileges
Specification Elements
Role
Roles can be ordered in a hierarchy (extends-association); may exclude each other, i.e., one principal cannot play two (or more) roles that are in a mutual exclusion relation at the same time; and may require other roles as a prerequisite. Roles may be assigned to several principals, and principals may play several roles at the same time.
- Applies to:
  - Entity
maxCard
Defines the maximal number of principals that must/can play a role.
- Applies to:
  - Data
minCard
Defines the minimum number of principals that must/can play a role.
- Applies to:
  - Data
Principal
An entity that can be authenticated by the system.
- Applies to:
  - Entity
Expression
Can be either an AssignExpression, used to assign a view to a role or a principal, or a RemoveExpression, used to remove a view from a role or a principal.
- Applies to:
  - Data
Schema
Consists of several expressions.
- Applies to:
  - Entity
Resource
An object implementing an interface.
- Applies to:
  - Entity
RessourceSpecifier
Specifies an object as a placeholder.
- Applies to:
  - Entity
View
Consists of a (possibly empty) permission set and a (possibly empty) denial set.
- Applies to:
  - State
PermissionSet
Contains rights to call operations of an interface.
- Applies to:
  - State
Right
Required to call operations of an interface.
- Applies to:
  - State
DenialSet
Contains rights to call operations of an interface.
- Applies to:
  - State
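
The constraints in the Role, maxCard and minCard entries above, as an added Python example that is not part of the VBAC model or its tooling: it checks a role assignment for mutual-exclusion, prerequisite and cardinality violations. The `Role` fields, role names and principals are constructed, and two semantics are assumptions: playing a role implies playing every role it extends, and cardinality counts direct assignments only.

```python
from dataclasses import dataclass, field
from typing import Optional

@dataclass
class Role:
    name: str
    extends: set = field(default_factory=set)   # hierarchy (extends-association)
    excludes: set = field(default_factory=set)  # mutual exclusion
    requires: set = field(default_factory=set)  # prerequisite roles
    min_card: int = 0                           # minCard
    max_card: Optional[int] = None              # maxCard, None = no upper bound

def effective(roles, assigned):
    # Assumption: playing a role implies playing every role it extends.
    seen, stack = set(), list(assigned)
    while stack:
        r = stack.pop()
        if r not in seen:
            seen.add(r)
            stack.extend(roles[r].extends)
    return seen

def violations(roles, assignment):
    """assignment: principal -> set of directly assigned role names."""
    out = set()
    for p, assigned in assignment.items():
        eff = effective(roles, assigned)
        for r in eff:
            for x in roles[r].excludes & eff:  # exclusion is symmetric
                a, b = sorted((r, x))
                out.add(f"{p}: {a} and {b} are mutually exclusive")
        for r in assigned:
            for q in roles[r].requires - eff:
                out.add(f"{p}: {r} requires {q}")
    for name, role in roles.items():
        n = sum(name in a for a in assignment.values())  # direct assignments only
        if n < role.min_card:
            out.add(f"{name}: {n} principals below minCard {role.min_card}")
        if role.max_card is not None and n > role.max_card:
            out.add(f"{name}: {n} principals exceed maxCard {role.max_card}")
    return sorted(out)

# Constructed sample policy and assignment (not from the page).
ROLES = {
    "Employee": Role("Employee"),
    "Teller": Role("Teller", extends={"Employee"}, excludes={"Auditor"}),
    "Auditor": Role("Auditor", requires={"Employee"}, min_card=1, max_card=1),
    "Manager": Role("Manager", extends={"Teller"}),
}
ASSIGNMENT = {"alice": {"Manager", "Auditor"}, "bob": {"Auditor"}}

if __name__ == "__main__":
    print("\n".join(violations(ROLES, ASSIGNMENT)))
```

In the sample, alice is caught only because the exclusion is evaluated over the extended roles: Manager extends Teller, and Teller excludes Auditor.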