Framework and DSL for Ensemble-Based Access Control
Thesis title in Czech: | Framework a DSL pro řízení přístupu založené na ansámblech |
---|---|
Thesis title in English: | Framework and DSL for Ensemble-Based Access Control |
Key words: | komponentové ensembly, řízení přístupu, doménově specifický jazyk |
English key words: | component ensembles, access control, domain-specific language |
Academic year of topic announcement: | 2018/2019 |
Thesis type: | diploma thesis |
Thesis language: | angličtina |
Department: | Department of Distributed and Dependable Systems (32-KDSS) |
Supervisor: | prof. RNDr. Tomáš Bureš, Ph.D. |
Author: | Mgr. Jan Matějek - assigned and confirmed by the Study Dept. |
Date of registration: | 31.05.2019 |
Date of assignment: | 31.05.2019 |
Confirmed by Study dept. on: | 31.05.2019 |
Date and time of defence: | 05.09.2019 09:00 |
Date of electronic submission: | 19.07.2019 |
Date of submission of printed version: | 19.07.2019 |
Date of proceeded defence: | 05.09.2019 |
Opponents: | doc. RNDr. Jan Kofroň, Ph.D. |
Guidelines |
In traditional access control systems, permissions are typically specified as sets of static rules pertaining to individual entities under control. This can be impractical in real-world scenarios: authorization invariably depends on wider situational context which often tends to be highly dynamic. This leads to increasingly complex rules, which have to change over time to reflect dynamicity.
Ensemble-based architectures allow dynamic formation of goal-oriented groups in systems with large number of independent autonomous components. Because of the ad-hoc and situation-aware nature of group formation, ensembles offer a novel way of approaching access control. The goal of this work is to design a Scala framework and internal DSL for describing access control related situations via ensembles. In particular, the framework will define ensemble semantics suitable for evaluating the ensembles and establishing access control at runtime. |
References |
Rima Al Ali, Tomáš Bureš, Petr Hnětynka, Filip Krijt, František Plášil, Jiří Vinárek: Dynamic Security Specification Through Autonomic Component Ensembles, in Leveraging Applications of Formal Methods, Verification and Validation. Distributed Systems, Springer International Publishing, pp. 172-185
Almorsy, M., Grundy, J., Ibrahim, Amani S.: MDSE@R: model-driven security engineering at runtime. In: Xiang, Y., Lopez, J., Kuo, C.-C.J., Zhou, W. (eds.) CSS 2012. LNCS, vol. 7672, pp. 279–295. Springer, Heidelberg (2012). https://doi.org/10.1007/978-3-642-35362-8_22 Bures, T., et al.: Trait-based language for smart cyber-physical systems. Technical report D3S-TR-2017-01, Charles University (2017) Hennicker, R., Klarl, A.: Foundations for ensemble modeling – the helena approach. In: Iida, S., Meseguer, J., Ogata, K. (eds.) Specification, Algebra, and Software. LNCS, vol. 8373, pp. 359–381. Springer, Heidelberg (2014) Krijt, F. et al.: Intelligent ensembles - a declarative group description language and java framework. In: Proceedings of SEAMS 2017, Buenos Aires, Argentina, pp. 116–122. IEEE (2017) Laborde, R. et al.: dynSMAUG: a dynamic security management framework driven by situations. In: Proceedings of CSNet 2017, Rio de Janeiro, Brazil, pp. 1–8. IEEE (2017) Nicola, R.D. et al.: A formal approach to autonomic systems programming: the SCEL language. ACM Trans. Auton. Adapt. Syst. 9(2), 7:1–7:29 (2014) |