Thesis (Selection of subject)Thesis (Selection of subject)(version: 308)
Assignment details
Framework and DSL for Ensemble-Based Access Control
Thesis title in Czech: Framework a DSL pro řízení přístupu založené na ansámblech
Thesis title in English: Framework and DSL for Ensemble-Based Access Control
Key words: komponentové ensembly, řízení přístupu, doménově specifický jazyk
English key words: component ensembles, access control, domain-specific language
Academic year of topic announcement: 2018/2019
Type of assignment: diploma thesis
Thesis language: angličtina
Department: Department of Distributed and Dependable Systems (32-KDSS)
Supervisor: prof. RNDr. Tomáš Bureš, Ph.D.
Author: Mgr. Jan Matějek - assigned and confirmed by the Study Dept.
Date of registration: 31.05.2019
Date of assignment: 31.05.2019
Confirmed by Study dept. on: 31.05.2019
Date and time of defence: 05.09.2019 09:00
Date of electronic submission:19.07.2019
Date of submission of printed version:19.07.2019
Date of proceeded defence: 05.09.2019
Reviewers: doc. RNDr. Jan Kofroň, Ph.D.
In traditional access control systems, permissions are typically specified as sets of static rules pertaining to individual entities under control. This can be impractical in real-world scenarios: authorization invariably depends on wider situational context which often tends to be highly dynamic. This leads to increasingly complex rules, which have to change over time to reflect dynamicity.

Ensemble-based architectures allow dynamic formation of goal-oriented groups in systems with large number of independent autonomous components. Because of the ad-hoc and situation-aware nature of group formation, ensembles offer a novel way of approaching access control.

The goal of this work is to design a Scala framework and internal DSL for describing access control related situations via ensembles. In particular, the framework will define ensemble semantics suitable for evaluating the ensembles and establishing access control at runtime.
Rima Al Ali, Tomáš Bureš, Petr Hnětynka, Filip Krijt, František Plášil, Jiří Vinárek: Dynamic Security Specification Through Autonomic Component Ensembles, in Leveraging Applications of Formal Methods, Verification and Validation. Distributed Systems, Springer International Publishing, pp. 172-185

Almorsy, M., Grundy, J., Ibrahim, Amani S.: MDSE@R: model-driven security engineering at runtime. In: Xiang, Y., Lopez, J., Kuo, C.-C.J., Zhou, W. (eds.) CSS 2012. LNCS, vol. 7672, pp. 279–295. Springer, Heidelberg (2012).

Bures, T., et al.: Trait-based language for smart cyber-physical systems. Technical report D3S-TR-2017-01, Charles University (2017)

Hennicker, R., Klarl, A.: Foundations for ensemble modeling – the helena approach. In: Iida, S., Meseguer, J., Ogata, K. (eds.) Specification, Algebra, and Software. LNCS, vol. 8373, pp. 359–381. Springer, Heidelberg (2014)

Krijt, F. et al.: Intelligent ensembles - a declarative group description language and java framework. In: Proceedings of SEAMS 2017, Buenos Aires, Argentina, pp. 116–122. IEEE (2017)

Laborde, R. et al.: dynSMAUG: a dynamic security management framework driven by situations. In: Proceedings of CSNet 2017, Rio de Janeiro, Brazil, pp. 1–8. IEEE (2017)

Nicola, R.D. et al.: A formal approach to autonomic systems programming: the SCEL language. ACM Trans. Auton. Adapt. Syst. 9(2), 7:1–7:29 (2014)
Charles University | Information system of Charles University |