Automatic Generation of Smart, Security-Aware GUI Models

Basin, David; Clavel, Manuel; Egea, Marina; Schläpfer, Michael

doi:10.1007/978-3-642-11747-3_16

Cited by 15 publications

(4 citation statements)

References 8 publications

(12 reference statements)

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Conversely to UWE, the resulting diagrams are overloaded as subjects like users are not modeled separately. ActionGUI [1] is a MDD approach that uses SecureUML and ComponentUML to model access control rules, and a GUI model enriched with OCL constraints.…”

Section: Related Workmentioning

confidence: 99%

Towards model-driven development of access control policies for web applications

Busch

Koch

Masi³

et al. 2012

Proceedings of the Workshop on Model-Driven Security

View full text Add to dashboard Cite

show abstract

Section: Related Workmentioning

confidence: 99%

Towards model-driven development of access control policies for web applications

Busch

Koch

Masi³

et al. 2012

Proceedings of the Workshop on Model-Driven Security

View full text Add to dashboard Cite

show abstract

“…In [1] we propose a model-based approach to linking visualization and security. The key idea is that this link is ultimately defined in terms of data actions, since data actions are both controlled by the security policy and triggered by the events supported by the graphical user interface.…”

Section: Model-based Development Of Smart Security-aware Guismentioning

confidence: 99%

“…This editor supports a language, named GUI [1,3], for modeling the behavioral properties of GUIs, namely what are the actions associated to the different events that are supported by the GUI. In a nutshell, this language can be used to model GUIs that con-sist of widgets (buttons, entries, labels) that are displayed inside containers (windows, combo-boxes), which are themselves widgets.…”

Section: Gui Model Editormentioning

confidence: 99%

SSG

Dios

Dania

Schläpfer

et al. 2010

Proceedings of the 32nd ACM/IEEE International Conference on Software Engineering - Volume 2

Self Cite

View full text Add to dashboard Cite

show abstract

“…The backbone of this approach, illustrated in Figure 1, is a model transformation that automatically lifts the access control policy modeled at the level of the data to the level of the GUI [2]. More precisely, given a security model (specifying the access control policy on the application data) and a GUI model (specifying the actions triggered by the events supported by the GUI's widgets), our model transformation generates a GUI model that is security-aware.…”

Section: Introductionmentioning

confidence: 99%

Model-Driven Development of Security-Aware GUIs for Data-Centric Applications

Basin

Clavel

Egea

et al. 2011

Foundations of Security Analysis and Design VI

Self Cite

View full text Add to dashboard Cite

Abstract. In this tutorial we survey a very promising instance of modeldriven security: the full generation of security-aware graphical user interfaces (GUIs) from models for data-centric applications with access control policies. We describe the modeling concepts and languages employed and how model transformation can be used to automatically lift security policies from data models to GUI models. We work through a case study where we generate a security-aware GUI for a chatroom application. We also present a toolkit that supports the construction of security, data, and GUI models and generates complete, deployable, web applications from these models.

show abstract

Automatic Generation of Smart, Security-Aware GUI Models

Cited by 15 publications

References 8 publications

Towards model-driven development of access control policies for web applications

Towards model-driven development of access control policies for web applications

SSG

Model-Driven Development of Security-Aware GUIs for Data-Centric Applications

Contact Info

Product

Resources

About