Abstract. Industrial environments that make use of Model-Driven Engineering (MDE) are starting to see the appearance of very large models, made by millions of elements. Such models are produced automatically (e.g., by reverse engineering complex systems) or manually by a large number of users (e.g., from social networks). The success of MDE in these application scenarios strongly depends on the scalability of model manipulation tools. While parallelization is one of the traditional ways of making computation systems scalable, developing parallel model transformations in a general-purpose language is a complex and error-prone task. In this paper we show that rule-based languages like ATL have strong parallelization properties. Transformations can be developed without taking into account concurrency concerns, and a transformation engine can automatically parallelize execution. We describe the implementation of a parallel transformation engine for the current version of the ATL language and experimentally evaluate the consequent gain in scalability.
In object-oriented programming, continuous refactorings are used as the main mechanism to increase the maintainability of the code base. Unfortunately, in the field of model transformations, such refactoring support is so far missing. This paper tackles this limitation by adapting the notion of refactorings to model-to-model (M2M) transformations. In particular, we present a dedicated catalogue of refactorings for improving the quality of M2M transformations. The refactorings have been explored by analyzing existing transformation examples defined in ATL. However, the refactorings are not specifically tailored to ATL, but applicable also to other M2M transformation languages.
Access-control policies, often the mechanism of choice to implement the security requirements of confidentiality and integrity, can be found in a wide range of application scenarios. Although there are standard languages for accesscontrol and a plethora of works devoted to assure the wellformedness of access-control policies, little attention has been paid to the problem of providing robust and adaptable runtime evaluation engines for the integration of accesscontrol in new DSL's and platforms. Indeed, the integration of access-control requires the development of critical infrastructure facilities around it, so that the policies can be: 1) analyzed and validated and 2) efficiently evaluated against run-time access requests.In order to solve this problem, this paper explores the use of the already mature model transformation frameworks as modern, application-independent infrastructures for accesscontrol languages i.e., following the Policy Enforcement Point(PEP)-Policy Decision Point(PDP) architecture. More specifically, we show how model-driven engineering and the ATL model-transformation framework can be used to lift the infrastructure development burden from developers by providing a robust, flexible and re-usable runtime evaluation engine for rule-based access-control policies.
International audienceSecurity is a critical concern for any database. Therefore, database systems provide a wide range of mechanisms to enforce security constraints. These mechanisms can be used to implement part of the security policies requested of an organization. Nevertheless, security requirements are not static, and thus, implemented policies must be changed and reviewed. As a first step, this requires to discover the actual security constraints being enforced by the database and to represent them at an appropriate abstraction level to enable their understanding and reenginering by security experts. Unfortunately, despite the existence of a number of techniques for database reverse engineering, security aspects are ignored during the process. This paper aims to cover this gap by presenting a security metamodel and reverse engineering process that helps security experts to visualize and manipulate security policies in a vendor-independent manner
Abstract. Out-of-the-box Web Content Management Systems (WCMSs) are the tool of choice for the development of millions of enterprise web sites but also the basis of many web applications that reuse WCMS for important tasks like user registration and authentication. This widespread use highlights the importance of their security, as WCMSs may manage sensitive information whose disclosure could lead to monetary and reputation losses. However, little attention has been brought to the analysis of how developers use the content protection mechanisms provided by WCMSs, in particular, Access-control (AC). Indeed, once configured, knowing if the AC policy provides the required protection is a complex task as the specificities of each WCMS need to be mastered. To tackle this problem, we propose here a metamodel tailored to the representation of WCMS AC policies, easing the analysis and manipulation tasks by abstracting from vendor-specific details.
scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.