Salvador Martínez scite author profile

Abstract. Industrial environments that make use of Model-Driven Engineering (MDE) are starting to see the appearance of very large models, made by millions of elements. Such models are produced automatically (e.g., by reverse engineering complex systems) or manually by a large number of users (e.g., from social networks). The success of MDE in these application scenarios strongly depends on the scalability of model manipulation tools. While parallelization is one of the traditional ways of making computation systems scalable, developing parallel model transformations in a general-purpose language is a complex and error-prone task. In this paper we show that rule-based languages like ATL have strong parallelization properties. Transformations can be developed without taking into account concurrency concerns, and a transformation engine can automatically parallelize execution. We describe the implementation of a parallel transformation engine for the current version of the ATL language and experimentally evaluate the consequent gain in scalability.

show abstract

A Catalogue of Refactorings for Model-to-Model Transformations.

Wimmer¹,

Martínez²,

Jouault³

et al. 2012

JOT

View full text Add to dashboard Cite

In object-oriented programming, continuous refactorings are used as the main mechanism to increase the maintainability of the code base. Unfortunately, in the field of model transformations, such refactoring support is so far missing. This paper tackles this limitation by adapting the notion of refactorings to model-to-model (M2M) transformations. In particular, we present a dedicated catalogue of refactorings for improving the quality of M2M transformations. The refactorings have been explored by analyzing existing transformation examples defined in ATL. However, the refactorings are not specifically tailored to ATL, but applicable also to other M2M transformation languages.

show abstract

Management of stateful firewall misconfiguration

García-Alfaro

Cuppens

Cuppens-Boulahia

et al. 2013

Computers & Security

View full text Add to dashboard Cite

Runtime support for rule-based access-control evaluation through model-transformation

Martínez

Garcia

Cabot

2016

View full text Add to dashboard Cite

Access-control policies, often the mechanism of choice to implement the security requirements of confidentiality and integrity, can be found in a wide range of application scenarios. Although there are standard languages for accesscontrol and a plethora of works devoted to assure the wellformedness of access-control policies, little attention has been paid to the problem of providing robust and adaptable runtime evaluation engines for the integration of accesscontrol in new DSL's and platforms. Indeed, the integration of access-control requires the development of critical infrastructure facilities around it, so that the policies can be: 1) analyzed and validated and 2) efficiently evaluated against run-time access requests.In order to solve this problem, this paper explores the use of the already mature model transformation frameworks as modern, application-independent infrastructures for accesscontrol languages i.e., following the Policy Enforcement Point(PEP)-Policy Decision Point(PDP) architecture. More specifically, we show how model-driven engineering and the ATL model-transformation framework can be used to lift the infrastructure development burden from developers by providing a robust, flexible and re-usable runtime evaluation engine for rule-based access-control policies.

show abstract

Reverse Engineering of Database Security Policies

Martínez¹,

Cosentino²,

Cabot³

et al. 2013

View full text Add to dashboard Cite

International audienceSecurity is a critical concern for any database. Therefore, database systems provide a wide range of mechanisms to enforce security constraints. These mechanisms can be used to implement part of the security policies requested of an organization. Nevertheless, security requirements are not static, and thus, implemented policies must be changed and reviewed. As a first step, this requires to discover the actual security constraints being enforced by the database and to represent them at an appropriate abstraction level to enable their understanding and reenginering by security experts. Unfortunately, despite the existence of a number of techniques for database reverse engineering, security aspects are ignored during the process. This paper aims to cover this gap by presenting a security metamodel and reverse engineering process that helps security experts to visualize and manipulate security policies in a vendor-independent manner

show abstract

Towards an Access-Control Metamodel for Web Content Management Systems

Martínez¹,

García-Alfaro²,

Cuppens³

et al. 2013

View full text Add to dashboard Cite

Abstract. Out-of-the-box Web Content Management Systems (WCMSs) are the tool of choice for the development of millions of enterprise web sites but also the basis of many web applications that reuse WCMS for important tasks like user registration and authentication. This widespread use highlights the importance of their security, as WCMSs may manage sensitive information whose disclosure could lead to monetary and reputation losses. However, little attention has been brought to the analysis of how developers use the content protection mechanisms provided by WCMSs, in particular, Access-control (AC). Indeed, once configured, knowing if the AC policy provides the required protection is a complex task as the specificities of each WCMS need to be mastered. To tackle this problem, we propose here a metamodel tailored to the representation of WCMS AC policies, easing the analysis and manipulation tasks by abstracting from vendor-specific details.

show abstract

A model-driven approach for the extraction of network access-control policies

Martínez

Cabot

García-Alfaro

et al. 2012

View full text Add to dashboard Cite

12 3

scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.

Contact Info

hi@scite.ai

334 Leonard St

Brooklyn, NY 11211

Blog Terms and Conditions API Terms Privacy Policy Contact Cookie Preferences Do Not Sell or Share My Personal Information

Made with 💙 for researchers

Part of the Research Solutions Family.