Modeling Security requirements
The current solution:
Static Access Control --> SecureUML
Dynamic properties --> Activity diagram
Transformation into B method
SecureUML into B: a tool is developing
Activity diagram into B: ???? it's my work
seen from Lithuania
seen from Netherlands

seen from Japan

seen from Japan
seen from China

seen from United States
seen from United States

seen from Germany
seen from United States
seen from United States

seen from United States

seen from Türkiye

seen from Malaysia

seen from United States

seen from Kuwait

seen from Germany
seen from United States
seen from China

seen from United States

seen from United States
Modeling Security requirements
The current solution:
Static Access Control --> SecureUML
Dynamic properties --> Activity diagram
Transformation into B method
SecureUML into B: a tool is developing
Activity diagram into B: ???? it's my work

Anya is live and ready to show you everything. Watch her strip, dance, and perform exclusive shows just for you. Interact in real-time and make your fantasies come true.
Free to watch • No registration required • HD streaming
Security properties
CONCERN
What are security properties for an IS???
Access control
Security model refers to Access Control model (paper: Principles of the coupling between UML and formal notations).
ANSWER FROM PROF
Security Properties:
Availability Confidentiality (contains Access Control) Integrity
Availability in RBAC deals with granting permission which will ensure resources are available. RBAC can allow only legitimate users can access the recourse. In other word, RBAC avoids occurring undesirable states in which untrusted users get access to the resource and state but a user is entitled to an access permission cannot get it.
Integrity RBAC deals with Integrity by controlling who may modify the protected data.
Confidentiality RBAC deals with Confidentiality by giving access a confidential data only to the authorized users.
For me, they are all defined in Access Control. Because, AC assigns Permission to a Role which a user is entitled. According to that, AC defines who can access, who can modify the resource.