Representing access control policies in use cases
Author
Source
The International Arab Journal of Information Technology
Issue
Vol. 9, Issue 3 (31 May. 2012), pp.268-275, 8 p.
Publisher
Publication Date
2012-05-31
Country of Publication
Jordan
No. of Pages
8
Main Subjects
Information Technology and Computer Science
Topics
Abstract EN
Security requirements of a software product need to receive attention throughout its development lifecycle.
This paper proposes the required notation and format to represent security requirements, especially access control policies in use case diagram and use case description.
Such enhancements offer simple representation for positive and negative authorization, grouping sensitive use cases that form a critical business task, separation of duties–both static and dynamic, least privilege, inheritance of authorizations, and security state or label for data inputted, stored or outputted.
Validating information flow requirements at an early stage prevents costly fixes that are mandated during later stages of the development life cycle.
American Psychological Association (APA)
al-Ghathbar, Khalid. 2012. Representing access control policies in use cases. The International Arab Journal of Information Technology،Vol. 9, no. 3, pp.268-275.
https://search.emarefa.net/detail/BIM-305268
Modern Language Association (MLA)
al-Ghathbar, Khalid. Representing access control policies in use cases. The International Arab Journal of Information Technology Vol. 9, no. 3 (May. 2012), pp.268-275.
https://search.emarefa.net/detail/BIM-305268
American Medical Association (AMA)
al-Ghathbar, Khalid. Representing access control policies in use cases. The International Arab Journal of Information Technology. 2012. Vol. 9, no. 3, pp.268-275.
https://search.emarefa.net/detail/BIM-305268
Data Type
Journal Articles
Language
English
Notes
Includes bibliographical references : p. 274-275
Record ID
BIM-305268
