UWE2FACPL - Model-Driven Development of Access Control Policies

A toolchain for modeling and evaluating access control policies

The toolchain we propose makes it possible to specify security requirements such as access control policies using a high-level, graphical modeling language (called UWE).

UWE2FACPL toolchain
The toolchain provides a human-understandable view of the policies in force in the system, and then automates the policy development process towards a formally founded language called FACPL. It comprises the transformations UWE2XACML and XACML2FACPL.


MagicDraw plugin

MagicUWE is a plugin for the CASE tool MagicDraw, developed to support the modelling of Web applications using the UML-based Web Engineering (UWE) methodology. It can be downloaded from here.
MagicUWE contains and uses the UWE Profile v2.1.


UWE2XACML: XPand transformation from UWE to XACML

Example (version of HospInfo), transformed with our UWE2XACML plugin to XACML policies.

The UWE2XACML module of the toolchain can be downloaded from here.


XACML2FACPL: Transformation from XACML to the formally founded language FACPL

The XACML2FACPL module of the toolchain can be downloaded from here.

It consists of 3 zip files:

  • XACMLTest2, which is the policy compiler
  • XML2FACPL, which translates from XACML 2.0 into FACPL
  • XACML_WebTool, a simple GWT application for testing the PDP

To access the source code, import the three unzipped directories into Eclipse >= 3.7 (actually tested with Juno). To explore the code, start at the entry point it.unifi.parser.policy.newversion.MainEntry (in XACMLTest2). Its main method contains an example policy and request and the respective generated classes. A live demo of the XACML_WebTool can be found here.

Publication

Marianne Busch, Nora Koch, Massimiliano Masi, Rosario Pugliese, and Francesco Tiezzi. Towards model-driven development of access control policies for web applications. In First Workshop on Model-Driven Security (MDsec 2012) on the 15th International Conference on Model Driven Engineering Languages and Systems (MoDELS 2012), LNCS. ACMDL, 2012.