Modeling Role Based Access Control in UML - PowerPoint PPT Presentation

Provided by: csG6
Learn more at: https://cs.gmu.edu
1
Modeling Role Based Access Control in UML
  • Based on
  • Towards A UML based approach to Role Engineering,
    by P. Epstein and R. Sandhu
  • UML-Based representation of RBAC, by Eonsuk Shin
    and Gail-Joon Ahn
  • RBAC Constraints Specification using OCL by
    Gail-Joon Ahn and Eonsuk Shin

2
A Brief Introduction to RBAC
  • Permissions assigned to roles
  • Users play roles, and then they are bestowed with
    all permissions assigned to roles
  • Conflict exists between
  • Roles
  • Users
  • Permissions
  • Objective is to be able to play roles without
    conflicts

3
The RBAC Model
4
RBAC Continued
  • Users belong to groups
  • Groups, roles and objects may belong to
    hierarchies
  • Generally (but not always) senior roles have all
    permissions assigned to junior roles
  • Permissions can be positive (+) or negative (-)
  • RCL2000 is a language designed for RBAC
    specifications

5
Towards A UML based approach to Role Engineering
  • P. Epstein and R. Sandhu

6
RBAC for Network Enterprises
  • Two groups
  • Application developers
  • Local system administrator
  • Application developer responsible for
    1. Objects
    2. Object handles
    3. Application constraints
    4. Application keys
  • Local system administrator responsible for
    5. Enterprise keys
    6. Key chains
    7. Enterprise constraints

7
Layers for Application Developer
  1. Objects: attributes and methods
  2. Object handles: sets of objects
  3. Application constraints: prerequisites for
     granting access permissions
  4. Application keys: associate a role with objects
  • An application key can be a leaf node of the
    hierarchy or a non-leaf node (considered abstract)

8
Layers for System Administrator
  • 5. Enterprise keys: each application key is mapped
    to an enterprise key or a key chain
  • 6. Key chains: sets of enterprise keys
  • 7. Enterprise constraints: an enterprise key permits
    a user to access methods of the object if the
    application constraints are satisfied

9
Layers Continued
  • A user can be assigned enterprise keys that are
    part of different application key hierarchies
  • If a key inherits methods from more than one key, then
    in the worst case the key contains the same method
    with different constraints
  • FNE policy: constraints are logically ORed

10
11
Applying UML
  • Layer 1: Objects

12
Layer 2 Object Handle
13
Layer 3 Constraints
14
Layer 4 Application Keys
15
Layer 5 Enterprise Key
16
Layer 6 Key Chains
17
Layer 7 Enterprise Constraints
18
Role Engineering of the 7 Layers
19
UML-Based Representation of RBAC
  • By
  • Eonsuk Shin and Gail-Joon Ahn

20
RBAC Model Again
21
Details of the RBAC Model
  • U: set of users; R: set of disjoint roles; P: set of
    disjoint permissions; S: set of sessions
  • UA: user-to-role mapping
  • PA: permission-to-role mapping
  • RH: role hierarchy
  • user: S -> U gives the user of a session
  • roles: S -> 2^R gives the roles of a session
  • Constraints about conflicts

22
UML Static Model for RBAC
23
Attributes of Entity Classes
24
Use Cases in RBAC
25
RBAC Constraints Specification using OCL
  • By
  • Gail-Joon Ahn and Eonsuk Shin

26
Example Application Constraints in OCL
  • context Company inv:
      self.employee->size > 200
  • context Company inv:
      self.employee->select(age > 50)->notEmpty

27
RBAC Constraints 1
  • Separation of duty constraints
  • context User inv:
      let M : Set = { {accounts_mgr, purchase_mgr}, ... } in
        M->select(m | self.role->intersection(m)->size > 1)->isEmpty

28
Prerequisite and Cardinality Constraints
  • context User inv:
      self.role->includes(tester) implies
      self.role->includes(project_team)
  • context Role inv:
      self.user->select(u | self.name = chairman)->size = 1
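The three OCL invariants on slides 27 and 28 (separation of duty, prerequisite role, role cardinality) evaluated over an in-memory RBAC model, as an added example that is not part of the presentation or the cited papers. The user-role assignment UA, the role hierarchy RH and all role names are constructed sample data; roles are closed under the hierarchy before checking, so a conflict inherited through a senior role is caught as well as a directly assigned one.

```python
from typing import Dict, FrozenSet, List, Set

# Constructed sample data (hypothetical, not from the slides).
UA: Dict[str, Set[str]] = {              # UA: user-to-role assignment
    "alice": {"accounts_mgr", "project_team"},
    "bob": {"accounts_mgr", "purchase_mgr"},          # directly holds both conflicting roles
    "carol": {"tester"},                              # tester without project_team
    "dave": {"chairman"},
    "erin": {"chairman"},                             # a second chairman
    "frank": {"finance_director", "purchase_mgr"},    # conflict only via inheritance
}
RH: Dict[str, Set[str]] = {"finance_director": {"accounts_mgr"}}   # senior -> juniors
CONFLICTING: List[FrozenSet[str]] = [frozenset({"accounts_mgr", "purchase_mgr"})]
PREREQ: Dict[str, str] = {"tester": "project_team"}                # role -> required role

def effective_roles(assigned: Set[str], rh: Dict[str, Set[str]] = RH) -> Set[str]:
    """Close the assigned roles under RH: a senior role inherits its juniors."""
    result, todo = set(), list(assigned)
    while todo:
        r = todo.pop()
        if r not in result:
            result.add(r)
            todo.extend(rh.get(r, ()))
    return result

def sod_violations(ua=UA, rh=RH) -> List[str]:
    # context User inv: let M = {{accounts_mgr, purchase_mgr}} in
    #   M->select(m | self.role->intersection(m)->size > 1)->isEmpty
    return sorted(u for u, roles in ua.items()
                  if any(len(effective_roles(roles, rh) & m) > 1 for m in CONFLICTING))

def prerequisite_violations(ua=UA, rh=RH) -> List[str]:
    # context User inv: self.role->includes(tester) implies self.role->includes(project_team)
    return sorted(u for u, roles in ua.items()
                  if any(r in effective_roles(roles, rh) and p not in effective_roles(roles, rh)
                         for r, p in PREREQ.items()))

def role_holders(role: str, ua=UA, rh=RH) -> List[str]:
    # The select(...) half of: context Role inv: self.user->select(u | self.name = chairman)->size = 1
    return sorted(u for u, roles in ua.items() if role in effective_roles(roles, rh))

def cardinality_ok(role: str = "chairman", expected: int = 1, ua=UA, rh=RH) -> bool:
    # The ->size = 1 half of the cardinality invariant.
    return len(role_holders(role, ua, rh)) == expected

if __name__ == "__main__":
    print("SoD violations:", sod_violations())                     # ['bob', 'frank']
    print("prerequisite violations:", prerequisite_violations())   # ['carol']
    print("chairman cardinality ok:", cardinality_ok())            # False
```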