Extending OCL for secure database development

Abstract

The Model Driven Architecture (MDA) is becoming an important aspect of software development, since it considers languages and models that can represent an information system at different abstraction levels, and makes it possible a coherent transformation of the system from the domain context into the machine context. In this paper, we present the Object Security Constraint Language V.2. (OSCL2), which is based on the well-known Object Constraint Language V.2. (OCL) of the Unified Modeling Language (UML), and which needs an extension of the UML1 metamodel. This language is defined to be used in secure database development process, incorporating security information and constraints in a Platform Independent Model (UML class model). This security information and constraints are then translated into a Platform Specific Model (multilevel relational model). Finally, they are implemented in a particular Database Management System (DBMS), such as Oracle9i Label Security. These transformations can be done automatically or semi-automatically using OSCL2 compilers. © Springer-Verlag 2004.