A methodology for integrating access control policies within database development
Jenny Abramov a,b, Omer Anson b, Michal Dahan a, Peretz Shoval a, Arnon Sturm a,*
a Department of Information Systems Engineering, Ben-Gurion University, Markus Campus, Beer-Sheva 84105, Israel
b Deutsche Telekom Laboratories (T-Labs), Ben-Gurion University, Markus Campus, Beer-Sheva 84105, Israel
Article info
Article history:
Received 30 January 2011
Received in revised form 8 January 2012
Accepted 17 January 2012
Keywords:
Authorization
Access control
Database design
Security patterns
Domain analysis
FOOM
ADOM
UML
Security
Abstract
Security in general, and database protection from unauthorized access in particular, are crucial for organizations. While functional requirements are defined in the early stages of the development process, non-functional requirements such as security tend to be neglected or dealt with only at the end of the development process. Various efforts have been made to address this problem; however, none of them provides a complete framework to guide, enforce and verify the correct design of security policies, and eventually generate code from that design.
We present a novel methodology that assists developers, in particular database designers, in designing secure databases that comply with the organizational security policies related to access control. The methodology is applied at two main levels: the organizational level and the application development level. At the organizational level, which takes place before the development of a specific application, organizational policies are defined in the form of security patterns. These patterns encapsulate accumulated knowledge and best practices on security-related problems. At the application development level, the data-related security requirements are defined as part of the data model. The security patterns, which have been defined at the organizational level, guide the definition and implementation of the security requirements. The correct implementation of the security patterns is verified during the design stage of the development process, before the automatic generation of the database code. The methodology is supported by a CASE tool that assists its implementation in the various stages.
© 2012 Elsevier Ltd. All rights reserved.
1. Introduction
Data is one of the most valuable assets of an organization, as its survival depends on the correct management, security, and confidentiality of the data (Dhillon, 2001). In order to protect the data, organizations must secure data processing, transmission and storage. In spite of that, even nowadays, organizational systems are being developed with only minimal treatment of security aspects; system developers tend to neglect dealing with security requirements, or deal with them only at the end of the development process.
It has been recognized that security must be treated from the early stages of the software development lifecycle, and various efforts have been made to address this need. Examples of studies that deal with the incorporation of security aspects within the development process range from UML extensions such as UMLsec (Jürjens, 2005) and SecureUML (Lodderstedt et al., 2002; Basin et al., 2006), to methods for designing
* Corresponding author.
E-mail addresses: jennyab@bgu.ac.il (J. Abramov), oaanson@gmail.com (O. Anson), dahanmic@bgu.ac.il (M. Dahan), shoval@bgu.ac.il (P. Shoval), sturm@bgu.ac.il (A. Sturm).
Available online at www.sciencedirect.com
journal homepage: www.elsevier.com/locate/cose
Computers & Security 31 (2012) 299–314
0167-4048/$ – see front matter © 2012 Elsevier Ltd. All rights reserved.
doi:10.1016/j.cose.2012.01.004