Framework and DSL for Ensemble-Based Access Control
|Thesis title in Czech:||Framework and DSL for Ensemble-Based Access Control|
|Thesis title in English:||Framework and DSL for Ensemble-Based Access Control|
|Academic year of topic announcement:||2018/2019|
|Type of assignment:||diploma thesis|
|Department:||Department of Distributed and Dependable Systems (32-KDSS)|
|Supervisor:||doc. RNDr. Tomáš Bureš, Ph.D.|
|Author:||Bc. Jan Matějek - assigned and confirmed by the Study Dept.|
|Date of registration:||31.05.2019|
|Date of assignment:||31.05.2019|
|Confirmed by Study dept. on:||31.05.2019|
|In traditional access control systems, permissions are typically specified as sets of static rules pertaining to individual entities under control. This can be impractical in real-world scenarios: authorization invariably depends on wider situational context which often tends to be highly dynamic. This leads to increasingly complex rules, which have to change over time to reflect dynamicity.
Ensemble-based architectures allow dynamic formation of goal-oriented groups in systems with large number of independent autonomous components. Because of the ad-hoc and situation-aware nature of group formation, ensembles offer a novel way of approaching access control.
The goal of this work is to design a Scala framework and internal DSL for describing access control related situations via ensembles. In particular, the framework will define ensemble semantics suitable for evaluating the ensembles and establishing access control at runtime.
|Rima Al Ali, Tomáš Bureš, Petr Hnětynka, Filip Krijt, František Plášil, Jiří Vinárek: Dynamic Security Specification Through Autonomic Component Ensembles, in Leveraging Applications of Formal Methods, Verification and Validation. Distributed Systems, Springer International Publishing, pp. 172-185
Almorsy, M., Grundy, J., Ibrahim, Amani S.: MDSE@R: model-driven security engineering at runtime. In: Xiang, Y., Lopez, J., Kuo, C.-C.J., Zhou, W. (eds.) CSS 2012. LNCS, vol. 7672, pp. 279–295. Springer, Heidelberg (2012). https://doi.org/10.1007/978-3-642-35362-8_22
Bures, T., et al.: Trait-based language for smart cyber-physical systems. Technical report D3S-TR-2017-01, Charles University (2017)
Hennicker, R., Klarl, A.: Foundations for ensemble modeling – the helena approach. In: Iida, S., Meseguer, J., Ogata, K. (eds.) Specification, Algebra, and Software. LNCS, vol. 8373, pp. 359–381. Springer, Heidelberg (2014)
Krijt, F. et al.: Intelligent ensembles - a declarative group description language and java framework. In: Proceedings of SEAMS 2017, Buenos Aires, Argentina, pp. 116–122. IEEE (2017)
Laborde, R. et al.: dynSMAUG: a dynamic security management framework driven by situations. In: Proceedings of CSNet 2017, Rio de Janeiro, Brazil, pp. 1–8. IEEE (2017)
Nicola, R.D. et al.: A formal approach to autonomic systems programming: the SCEL language. ACM Trans. Auton. Adapt. Syst. 9(2), 7:1–7:29 (2014)