2013, vol. 12, iss. 45, pp. 34-41
Access control modeling
University of Novi Sad, Faculty of Technical Science, Serbia

email: trninic@gmail.com, sladicg@uns.ac.rs, grist@uns.ac.rs
Keywords: access control; MDS; XML; UML; DSL
Abstract
Access control is a growing concern in the software industry. With the expansion of computer-based business systems and widespread communication, software engineers face tremendous security requirements. Ever-increasing complexity cannot be addressed using ad hoc approaches. It is necessary to develop methodologies for modeling access control systems and defining access control policies. This paper presents different methodologies for access control modeling, grouped into four approaches: formal language based, XML based, UML based and DSL based.

About

article language: Serbian
document type: Paper
published in SCIndeks: 02/09/2013
